summaryrefslogtreecommitdiff
path: root/puppet/modules/site_sshd/templates
diff options
context:
space:
mode:
authorvarac <varacanero@zeromail.org>2013-06-27 10:52:54 +0200
committerMicah Anderson <micah@riseup.net>2013-06-30 12:51:35 -0400
commit6c34c73f7e4c5203321547b699c6eaba9de8e2fe (patch)
tree96ca00bde1b03468508301e3a28565035f49fd58 /puppet/modules/site_sshd/templates
parent3b6f11a60778d5cb3ae265980e4e4870bf065de2 (diff)
switch to own define for managing ssh keys
The problem with puppet's built-in ssh_authorized_key is that you can purge unmanaged keys in a authorized_keys file. see https://leap.se/code/issues/3010 for details. Conflicts: puppet/modules/site_sshd/manifests/authorized_keys.pp Change-Id: I640bf7ebc0f0f7fb19cc46feb4cb2702d6561a9b
Diffstat (limited to 'puppet/modules/site_sshd/templates')
-rw-r--r--puppet/modules/site_sshd/templates/authorized_keys.erb6
1 files changed, 6 insertions, 0 deletions
diff --git a/puppet/modules/site_sshd/templates/authorized_keys.erb b/puppet/modules/site_sshd/templates/authorized_keys.erb
new file mode 100644
index 00000000..3c65e8ab
--- /dev/null
+++ b/puppet/modules/site_sshd/templates/authorized_keys.erb
@@ -0,0 +1,6 @@
+# NOTICE: This file is autogenerated by Puppet
+# all manually added keys will be overridden
+
+<% keys.sort.each do |user, hash| -%>
+<%=hash['type']-%> <%=hash['key']%> <%=user%>
+<% end -%>