Hi, I''m attempting to distribute a known host ssh key (for github) to an Ubuntu 10.04 host. Puppet is distributing the key into /etc/ssh/ ssh_known_hosts as: github.com ssh-rsa [really long ssh-rsa key] However, Ubuntu seems to expect the key in this format: |1|[really long ssh-rsa key] (note all the keys in my known_hosts and ssh_known_hosts not managed by puppet are prepended with ''|1|'' on my Ubuntu boxes). Am i missing something here? Or does Ubuntu just handle these files differently and I have to come up with a workaround? Thanks in advance, Evan Stachowiak -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
On Oct 3, 2011, at 7:39 AM, Evan Stachowiak wrote:> Hi, > > I''m attempting to distribute a known host ssh key (for github) to an > Ubuntu 10.04 host. Puppet is distributing the key into /etc/ssh/ > ssh_known_hosts as: > > github.com ssh-rsa [really long ssh-rsa key] > > However, Ubuntu seems to expect the key in this format: > > |1|[really long ssh-rsa key] > > (note all the keys in my known_hosts and ssh_known_hosts not managed > by puppet are prepended with ''|1|'' on my Ubuntu boxes). > > Am i missing something here? Or does Ubuntu just handle these files > differently and I have to come up with a workaround?---- I think you are missing something and actually Ubuntu handles ssh - authorized_keys/known_hosts/public keys, etc. just the same as every other type of Linux/Macintosh/Windows OpenSSH implementation. Start with the man page... man authorized_keys |1| is actually a hashed format. Craig -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Evan Stachowiak
2011-Oct-05 21:03 UTC
Re: [Puppet Users] sshkey resource type in Ubuntu 10.04
Thanks, Craig, very helpful. For anyone searching for this, the answer was to use the unhashed key. To find the unhashed key, use this command: ssh-keyscan -t rsa hostname On Mon, Oct 3, 2011 at 1:36 PM, Craig White <craig.white@ttiltd.com> wrote:> > On Oct 3, 2011, at 7:39 AM, Evan Stachowiak wrote: > > > Hi, > > > > I''m attempting to distribute a known host ssh key (for github) to an > > Ubuntu 10.04 host. Puppet is distributing the key into /etc/ssh/ > > ssh_known_hosts as: > > > > github.com ssh-rsa [really long ssh-rsa key] > > > > However, Ubuntu seems to expect the key in this format: > > > > |1|[really long ssh-rsa key] > > > > (note all the keys in my known_hosts and ssh_known_hosts not managed > > by puppet are prepended with ''|1|'' on my Ubuntu boxes). > > > > Am i missing something here? Or does Ubuntu just handle these files > > differently and I have to come up with a workaround? > ---- > I think you are missing something and actually Ubuntu handles ssh - > authorized_keys/known_hosts/public keys, etc. just the same as every other > type of Linux/Macintosh/Windows OpenSSH implementation. > > Start with the man page... > > man authorized_keys > > |1| is actually a hashed format. > > Craig > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscribe@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > >-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.