On 11/26/2012 08:54 PM, Matt Zagrabelny wrote:
> On Mon, Nov 26, 2012 at 1:47 PM, Jakov Sosic <[email protected]> wrote:
>> Hi.
>>
>> I'm wondering is there a way to manage ssh servers, in a way that every
>> machine has it's own key?
>
> I've used the "private" file server mechanism to serve out node sensitive
> files.
Thank you for the idea. Now only problem that is left is how to call a
script to generate keys if files are not accessible in private section :-/
I know one can do something like this:
file { '/etc/ssh/ssh_host_rsa_key.pub':
ensure => file,
mode => 0644,
source => [
'puppet:///private/etc/ssh/ssh_host_rsa_key.pub',
'puppet:///modules/sshd/ssh_host_rsa_key.pub',
],
require => Package['openssh-server'],
notify => Service['sshd'],
}
and put some blank default files in there, but I would much prefer to
build the keys if they are not there, and I presume I need some puppet
magic here :-/
Any ideas?
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
