Issue #1581 has been updated by Alex Cline.
As a workaround, I'm using the [concat](http://forge.puppetlabs.com/ripienaar/concat) module to manage the authorized_keys file for the users that require full key addition and deletion. Here's an example for root's authorized_keys file: concat { '/root/.ssh/authorized_keys': owner => root, group => root, mode => '0600', } concat::fragment { 'Header for root authorized_keys': target => '/root/.ssh/authorized_keys', content => "# This file is managed by puppet. Any changes will be discarded\n\n", order => 01, } $username = 'joeuser' $key = 'ssh-rsa AAAAB3NzaC1...snip...qgEyqw== [email protected]' concat::fragment { "root authorized_key for ${username}": target => '/root/.ssh/authorized_keys', content => "${key}\n", } This workaround assumes that all keys in the target file are managed by puppet and any others can be discarded. Obviously, the same could be used for individual user authorized_keys files. ---------------------------------------- Feature #1581: Ability to purge .ssh/authorized_keys https://projects.puppetlabs.com/issues/1581#change-94335 * Author: Lars Volker * Status: Accepted * Priority: Normal * Assignee: eric sorenson * Category: ssh * Target version: * Affected Puppet version: 0.24.4 * Keywords: * Branch: ---------------------------------------- As I'm new to puppet i'll try to describe this as good as i can. I wanted to use the ssh_authorized_key type to add keys to ssh. After a discussion on irc i was suggested to use virtual resources and realize each key for each class needed. This worked well for me. However i am not able to purge all other keys from the authorized_keys file without either specifying the comment or by copying an empty file there before adding the keys, which causes the system to lock up until the update is done. I tried using resources{} type, but as ssh_authorized_key doesn't support "self.instances" this was also of no success. The feature i'd like to have is an implementation of "instances" so resources{} works for authorized_keys. -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/groups/opt_out.
