Does $hostname ever get set to $hostname in the add key section ? Also, can
you show the results of: puppet resource sshkey foohost
On Thursday, August 9, 2012 1:32:40 PM UTC-7, banjer wrote:
>
> I am attempting to remove an old ssh host key from
> /etc/ssh/ssh_known_hosts. In my manifest, I have the following:
>
> # add keys
> @@sshkey { $hostname:
> ensure => present,
> type => "rsa",
> key => $sshrsakey,
> }
>
> # remove key
> @@sshkey { "foohost":
> ensure => absent,
> type => "rsa",
> }
>
> Sshkey <<| |>>
>
>
> But I get this error on puppet agents:
>
>
> root@harper~> puppet agent -t
> info: Retrieving plugin
> info: Loading facts in datacenter
> info: Loading facts in datacenter
> err: Could not retrieve catalog from remote server: Error 400 on SERVER:
> Another local or imported resource exists with the type and title
> Sshkey[foohost] on node harper
> warning: Not using cache on failed catalog
> err: Could not retrieve catalog; skipping run
>
>
> The "add keys" piece above has always worked great for dynamically adding
> to/managing the ssh_known_hosts file, but this is the first time I've tried
> to do 'ensure => absent' for a specific host's old key. I should note that
> the old host "foohost" had its OS rebuilt (was SLES, now CentOS) and I used
> the old IP on the new host. Not sure if that would affect it.
>
> The best I could find via Google was
> http://projects.puppetlabs.com/issues/11629, but it doesn't provide any
> clues as to what needs to be cleaned out or if my manifest syntax is off.
> I also tried adding "Sshkey <<| |>>" after "add keys" AND after "remove
> key".
>
> I think I need to clean out stale something-or-other for foohost on all my
> nodes. Any ideas? Thank you thank you.
>
>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To view this discussion on the web visit
https://groups.google.com/d/msg/puppet-users/-/96PhfiUHpaEJ.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
