[Puppet Users] ssh_authorized_key pattern-list
Hi guys, I am trying to add a restriction to an SSH public key in the authorized_keys file. The restriction is to only allow ssh access from certain IP addresses using that particular SSH key. SSH has something called pattern-list where you can add from= ahead of the public key in the authorized_keys. something like this: from="10.0.0.?,*.example.com" ssh-rsa AB3Nz...EN8w== u...@example.com I couldn't find the ssh_authorized_key attribute that can help achieve that. Can someone please help me find a way to do it using puppet ssh_authorized_key resource? Thanks -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/6af03fb5-e720-488e-89ec-a7bf48b41dean%40googlegroups.com.
Re: [Puppet Users] ssh_authorized_key pattern-list
hmmm, I will give it a try. Thanks On Sunday, September 11, 2022 at 3:58:04 PM UTC-7 ianm wrote: > On Sat, 2022-09-10 at 08:26 -0700, Saad Butto wrote: > > > I found that too but it defers you to SSH options. It doesn't say how > > to use from= with puppet ssh_authorized_key resource. > > Options is an array. Most commonly used options are from and command. > Something like this in hiera is what we use: > > options: ['from="allowed.host"', 'command="allowed_command"'] > > > -- > Ian > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/a8a79c3e-2d5f-4bb2-85e6-d9a5c8c06c37n%40googlegroups.com.
Re: [Puppet Users] ssh_authorized_key pattern-list
Hi Ian, I found that too but it defers you to SSH options. It doesn't say how to use from= with puppet ssh_authorized_key resource. Thanks On Sunday, September 4, 2022 at 3:07:48 PM UTC-7 ianm wrote: > On Wed, 2022-08-31 at 14:03 -0700, Saad Butto wrote: > > > > I couldn't find the ssh_authorized_key attribute that can help > > achieve that. > > > > Can someone please help me find a way to do it using puppet > > ssh_authorized_key resource? > > > https://puppet.com/docs/puppet/5.5/types/ssh_authorized_key.html#ssh_authorized_key-attribute-options > > > -- > Ian > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/a46928bb-2c02-4f99-815c-ab5593ac55een%40googlegroups.com.