Issue #3872 has been updated by Daniel Johnson.
I think that it should be made to be possible to do either. In the situation that a sysadmin leaves the organization, or worse their laptop is stolen you probably want to remove their ssh keys in every possible place that they exist. In most situations though it seems like you would want the behavior to be user specific. ---------------------------------------- Bug #3872: ssh_authorized_key intended behaviour? https://projects.puppetlabs.com/issues/3872 Author: Brad Meier Status: Needs More Information Priority: Normal Assignee: Category: ssh Target version: Affected Puppet version: 0.25.4 Keywords: Branch: I was replacing a user's authorized key by using an ssh_authorized_key with ensure => absent and adding a differently named key with an ensure => present below it. Both defined the user parameter. But the key was removed from a different user's authorized_keys (they had the same key, with the same name in their keyring). So, user A has key 1 and key 2, I want key 1 removed, key 2 added. User B has key 1 also in his authorized_keys, is also defined on the same system. If I set user A's key 1 to be removed from user A's authorized_keys (user => A) it proceeds to remove it from User B's authorized_keys and anywhere else it finds it. As long as the authorized_keys file has a reference in a user definition, it removes key 1. Is the ensure => absent supposed to remove the key by key name only and ignore the user => A part? -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-bugs?hl=en.
