From 6c34c73f7e4c5203321547b699c6eaba9de8e2fe Mon Sep 17 00:00:00 2001
From: varac <varacanero@zeromail.org>
Date: Thu, 27 Jun 2013 10:52:54 +0200
Subject: switch to own define for managing ssh keys

The problem with puppet's built-in ssh_authorized_key is that you can
purge unmanaged keys in a authorized_keys file. see
https://leap.se/code/issues/3010 for details.

Conflicts:
	puppet/modules/site_sshd/manifests/authorized_keys.pp

Change-Id: I640bf7ebc0f0f7fb19cc46feb4cb2702d6561a9b
---
 puppet/modules/site_sshd/templates/authorized_keys.erb | 6 ++++++
 1 file changed, 6 insertions(+)
 create mode 100644 puppet/modules/site_sshd/templates/authorized_keys.erb

(limited to 'puppet/modules/site_sshd/templates/authorized_keys.erb')

diff --git a/puppet/modules/site_sshd/templates/authorized_keys.erb b/puppet/modules/site_sshd/templates/authorized_keys.erb
new file mode 100644
index 00000000..3c65e8ab
--- /dev/null
+++ b/puppet/modules/site_sshd/templates/authorized_keys.erb
@@ -0,0 +1,6 @@
+# NOTICE: This file is autogenerated by Puppet
+# all manually added keys will be overridden
+
+<% keys.sort.each do |user, hash| -%>
+<%=hash['type']-%> <%=hash['key']%> <%=user%> 
+<% end -%> 
-- 
cgit v1.2.3