aboutsummaryrefslogtreecommitdiff
path: root/manifests/init.pp
diff options
context:
space:
mode:
Diffstat (limited to 'manifests/init.pp')
-rw-r--r--manifests/init.pp40
1 files changed, 40 insertions, 0 deletions
diff --git a/manifests/init.pp b/manifests/init.pp
index 569b234..7b14e8b 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -90,6 +90,18 @@ class sshd::base {
content => template("sshd/sshd_config/${operatingsystem}_normal.erb"),
notify => Service[sshd],
}
+ # Now add the key, if we've got one
+ case $sshrsakey_key {
+ '': { info("no sshrsakey on $fqdn") }
+ default: {
+ @@sshkey{"$hostname.$domain":
+ type => ssh-rsa,
+ key => $sshrsakey_key,
+ ensure => present,
+ require => Package["openssh-clients"],
+ }
+ }
+ }
service{'sshd':
name => 'sshd',
enable => true,
@@ -154,12 +166,40 @@ class sshd::openbsd inherits sshd::base {
}
### defines
+# wrapper to have some defaults.
+define sshd::ssh_authorized_key(
+ $type = 'ssh-dss',
+ $key,
+ $user = 'root',
+ $target = undef,
+ $options = 'absent'
+){
+ ssh_authorized_key{$name:
+ type => $type,
+ key => $key,
+ user => $root,
+ target => $target,
+ }
+
+ case $options {
+ 'absent': { info("not setting any option for ssh_authorized_key: $name") }
+ default: {
+ Ssh_authorized_key[$name]{
+ options => $options,
+ }
+ }
+ }
+}
+
+# deprecated!
define sshd::deploy_auth_key(
$source = 'present',
$user = 'root',
$target_dir = '/root/.ssh/',
$group = 0 ) {
+ notice("this way of deploying authorized keys is deprecated. use the native ssh_authorized_key instead")
+
$real_target = $target_dir ? {
'' => "/home/$user/.ssh/",
default => $target_dir,