similar to: trouble diagnosing exported resources

Hello... Is this a bug or by design? I''m using exported resources to generate /etc/ssh/ssh_known_hosts. I changed the example from the docs to this: @@sshkey { "$fqdn,$hostname,$ipaddress": type => rsa, key => $sshrsakey, } so that I would get one line per host in the ssh_know_hosts file. What happened was that on each run several (all?)

Hi , I was testing puppet exported resources as in http://docs.puppetlabs.com/guides/exported_resources.html and I had this test class (code is from another post). class ssh_known_hosts{ case $sshrsakey { '''': { alert("No sshrsakey found for $fqdn") } default: { @@sshkey { $fqdn:

I''m trying to create a ssh class where the /etc/ssh/ssh_known_hosts and /etc/ssh/shosts.equiv stays updated. The issue i''m finding is that if I include a "tag == anything" in the Collector filter, it collects all resources EXCEPT it''s own. In this case, the known_hosts and .equiv files will have all the other hostnames, but not it''s own hostname.

Hullo, I am attempting to use collections in order to distribute ssh keys across (soon) many hosts but I am hitting some trouble (the recipe I am using is at the end of this email). Namely it looks like sshkeys resources are not marked as exported in the sqlite db. I.e. if I do: sqlite3 clientconfigs.sqlite3 SQLite version 3.3.5 Enter ".help" for instructions sqlite> select *

I am attempting to remove an old ssh host key from /etc/ssh/ssh_known_hosts. In my manifest, I have the following: # add keys @@sshkey { $hostname: ensure => present, type => "rsa", key => $sshrsakey, } # remove key @@sshkey { "foohost": ensure => absent, type => "rsa", } Sshkey <<| |>> But I get this error on

Hello all, How are you using the sshkey type? Are you using it to list hosts and keys in a class that nodes include in order to manage /etc/ssh/ssh_known_hosts or something else? How does any of this relate to the sshrsakey and sshdsakey facts on the host? I read some stuff about this on the Virtual Resources page but it''s too vague for my simple mind and I''d be reluctant to use

Hi, I''m new to Puppet. And I''m trying out an ssh module: https://github.com/saz/puppet-ssh. It collects ssh keys like this: class ssh::knownhosts { Sshkey <<| |>> { ensure => present, } notify{"knownhosts class: $fqdn $hostname $ipaddress ":} } I can see it echoes the host key of the host the puppet agent runs on. But the

Hi, does anyone have any elegant solutions for managing shosts.equiv? In my puppet ssh module, host keys for /etc/ssh/ssh_known_hosts are automatically managed with: @@sshkey { $hostname: ensure => present, type => "rsa", key => $sshrsakey, } Sshkey <<| |>> Is there a similar construct for

Hello all, I''d like to have Puppet distributing one of your server''s (public) SSH keys, effectively doing the same as the ssh-copy-id command. Is there a build in puppet resource type for managing SSH keys. We''re running version 0.24.4 of puppet. Regards, Kenneth Holter --~--~---------~--~----~------------~-------~--~----~ You received this message because you are

Is there any work going into placing keys in a central directory such as LDAP ? Jeff McElroy jmcelroy at dtgnet.com

Hello to all, I have been battling this situation now for 3 days and still have not found a resolution. I appeal to any and all for help. Here are the facts as far as I can tell. 1) I moved a 66 node rocks based cluster to a diskless cluster using the latest version of Centos and all updates in place. 2) users are added with home directory mounted across the nodes on the cluster so a

`git describe' says V_7_3_P1-207-gc924b2ef (shouldn't it say V_7_4_P1-<yadayada>?). This is what I see: gcc -g -O2 -Wall -Wpointer-arith -Wuninitialized -Wsign-compare -Wformat-security -Wsizeof-pointer-memaccess -Wno-pointer-sign -Wno-unused-result -fno-strict-aliasing -D_FORTIFY_SOURCE=2 -ftrapv -fno-builtin-memset -fstack-protector-strong -fPIE -I. -I.

I''m currently searching around/reading up on exported resources, but figured I''d ping the list to see if someone had a quick answer. I''m collecting and exporting ssh keys, basically like the example in ProPuppet and in the wiki etc. I was collecting both rsa and dsa keys, and exporting all keys. I''ve stopped collecting dsa keys, we don''t care about

Remove sshkey_load_private(), as this function's role is similar to sshkey_load_private_type(). --- Dependency: This change depends over recently merged change in openbsd: https://github.com/openbsd/src/commit/b0c328c8f066f6689874bef7f338179145ce58d0 Change log: v1->v2 - Remove declaration of sshkey_load_private() in authfile.h authfile.c | 38

https://bugzilla.mindrot.org/show_bug.cgi?id=3192 Bug ID: 3192 Summary: openssh-8.2 & openssl-1.1.1d error: dereferencing pointer to incomplete type Not found struct BIO , bio->num_write Product: Portable OpenSSH Version: 8.2p1 Hardware: Other OS: Linux Status: NEW

Add support to load additional certificates for already loaded private keys. Useful if the private key is on a PKCS#11 hardware token. The private keys inside ssh-agent are now using a refcount to share the private parts between "Identities". The reason for this change was that the PKCS#11 code might have redirected ("wrap") the RSA functions to a hardware token. We don't

update server autobuild to set up a new isolated vm environment and go through the server installer process and rails tests --- autobuild.sh | 65 ++++++++++++++++++++++++++++++++++++++++++ ovirt-installer-test-answers | 21 +++++++++++++ ovirt-server-test.ks | 37 ++++++++++++++++++++++++ 3 files changed, 123 insertions(+), 0 deletions(-) create mode 100644

On Thu, Oct 11, 2018 at 10:41 AM Damien Miller <djm at mindrot.org> wrote: > On Wed, 10 Oct 2018, Adam Eijdenberg wrote: > > We see this error on the client side: > > > > debug1: kex_input_ext_info: server-sig-algs=<rsa-sha2-256,rsa-sha2-512> > > ... > > debug1: Offering public key: RSA-CERT SHA256:xxx /path/to/key > > debug1: send_pubkey_test: no

Hi, I''m attempting to distribute a known host ssh key (for github) to an Ubuntu 10.04 host. Puppet is distributing the key into /etc/ssh/ ssh_known_hosts as: github.com ssh-rsa [really long ssh-rsa key] However, Ubuntu seems to expect the key in this format: |1|[really long ssh-rsa key] (note all the keys in my known_hosts and ssh_known_hosts not managed by puppet are prepended with

https://bugzilla.mindrot.org/show_bug.cgi?id=2680 Bug ID: 2680 Summary: Regression in server-sig-algs offer in 7.4p1 (Deprecation of SHA1 is not being enforced) Product: Portable OpenSSH Version: 7.4p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5