Puppet users - Dec 2009 - ssh::auth version 0.3.2 released

I''ve uploaded version 0.3.2 of ssh::auth to
http://reductivelabs.com/trac/puppet/wiki/Recipes/ModuleSSHAuth .  This
release fixes a couple of bugs since version 0.3:

* Fix parser error in ssh_auth_namecheck
* Fix wrong $home when user is specified separately for a client or server

In addition, the documentation now makes clear that ssh::auth won''t
manage
the users'' $home/.ssh directories; the site admin has to do that.

ssh::auth is a Puppet module that provides centralized creation,
distribution, and revocation of ssh keys for users.  Features:

* Each user may have one or more ssh key pairs, centrally created on the
keymaster and distributed to servers and clients.

* Each key pair may be installed onto any set of clients, and enabled for
authentication as any user(s) on any set of servers.

* Keys may have login options set as in authorized_keys(5), e.g. to force
certain commands to run or limit port forwarding.

* Keys can be uninstalled or revoked, either manually or automatically at
given intervals, and new ones automatically created and distributed.

Installation is easy, as it''s just one file.

ssh::auth aims to provide a complete solution for managing ssh keys for
users, with a well-defined and -documented interface.  There''s a
comparison
to the other ssh-related tools available in Puppet at
http://reductivelabs.com/trac/puppet/wiki/Recipes/ModuleSSHAuth#comparisons
.

Andrew.

--

You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to
puppet-users-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
To unsubscribe from this group, send email to
puppet-users+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.

Andrew,
I''d like to integrate your ssh::auth in my module set
(www.example42.com), hope you don''t mind.
I''m going to change the license of my modules from Creative Commons to
GPL3 in order to be more free to integrate other users modules
released under GPL3.

Best regards
Al

On 29 Dic 2009, 15:49, Andrew Schulman <google-groups-
and...@sneakemail.com> wrote:
> I''ve uploaded version 0.3.2 of ssh::auth
tohttp://reductivelabs.com/trac/puppet/wiki/Recipes/ModuleSSHAuth.  This
> release fixes a couple of bugs since version 0.3:
>
> * Fix parser error in ssh_auth_namecheck
> * Fix wrong $home when user is specified separately for a client or server
>
> In addition, the documentation now makes clear that ssh::auth
won''t manage
> the users'' $home/.ssh directories; the site admin has to do that.
>
> ssh::auth is a Puppet module that provides centralized creation,
> distribution, and revocation of ssh keys for users.  Features:
>
> * Each user may have one or more ssh key pairs, centrally created on the
> keymaster and distributed to servers and clients.
>
> * Each key pair may be installed onto any set of clients, and enabled for
> authentication as any user(s) on any set of servers.
>
> * Keys may have login options set as in authorized_keys(5), e.g. to force
> certain commands to run or limit port forwarding.
>
> * Keys can be uninstalled or revoked, either manually or automatically at
> given intervals, and new ones automatically created and distributed.
>
> Installation is easy, as it''s just one file.
>
> ssh::auth aims to provide a complete solution for managing ssh keys for
> users, with a well-defined and -documented interface.  There''s a
comparison
> to the other ssh-related tools available in Puppet
athttp://reductivelabs.com/trac/puppet/wiki/Recipes/ModuleSSHAuth#compa...
> .
>
> Andrew.
--

You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.

> Andrew,
> I''d like to integrate your ssh::auth in my module set
> (www.example42.com), hope you don''t mind.
> I''m going to change the license of my modules from Creative
Commons to
> GPL3 in order to be more free to integrate other users modules
> released under GPL3.
Sure, I have no objection.  I can''t get your site to come up just now,
so I''m
not sure what''s there, but you''re welcome to it.

--

You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to
puppet-users-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
To unsubscribe from this group, send email to
puppet-users+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.

The correct link is http://www.example42.com
Before there was a redirect to http://www.example42.com:811 that it
doesn''t work if you are behind a proxy.
I''ve finally placed a reverse proxy to avoid such a problem.

Thanks,
Al

(the commit with your ssh:auth is not yet online)

On 2 Gen, 16:49, Andrew Schulman <google-groups-and...@sneakemail.com>
wrote:
> > Andrew,
> > I''d like to integrate your ssh::auth in my module set
> > (www.example42.com), hope you don''t mind.
> > I''m going to change the license of my modules from Creative
Commons to
> > GPL3 in order to be more free to integrate other users modules
> > released under GPL3.
>
> Sure, I have no objection.  I can''t get your site to come up just
now, so I''m
> not sure what''s there, but you''re welcome to it.
--

You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.

> The correct link is http://www.example42.com
> Before there was a redirect to http://www.example42.com:811 that it
> doesn''t work if you are behind a proxy.
Or a firewall that doesn''t allow outbound connections to arbitrary
ports.
> I''ve finally placed a reverse proxy to avoid such a problem.
Thanks, yes, I see it now.
Andrew.

--

You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to
puppet-users-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
To unsubscribe from this group, send email to
puppet-users+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.