Luke Youngblood wrote:
3. Taking this even further, could a sysadmin's public key
automatically be copied from their home directory and updated on
the master cfengine repository to be included in an editfiles
statement. (This last action would allow anyone to regenerate
their ssh key using ssh-keygen and have cfengine automatically
update all authorized_keys files on all servers they have access to)
I'm currently doing something like this for ssh host keys. I copy all machines' keys to a directory on the server and call a perl script everytime one or more keys are copied, to construct the known_hosts file. I don't see any reason why this shouldn't work for public login keys in pretty much the same way.
Alex
-- Alexander Jolk / BUF Compagnie tel +33-1 42 68 18 28 / fax +33-1 42 68 18 29
_______________________________________________ Help-cfengine mailing list Help-cfengine@gnu.org http://lists.gnu.org/mailman/listinfo/help-cfengine
