similar to: realizing virtual ssh_authorized_key

Hi all, I want to use puppet to distribute keys to multiple users. I wanted to do something like we have already: - define a key per real person - define groups containing several keys, people can be in multiple groups - deploy these groups of keys to specific users however it looks like the ssh_authorized_key resource ties a key and a user together so it looks like I fall at the first

Hello! I''ve got question - how to use ssh_autorized_key as a virtual resource? I''ve got bunch of users and ssh_authorized_key virtual resources, but only users gets to the target system - ssh keys not... I write something like: class admins { @user { "username": ... } @ssh_authorized_key { "username": ensure => present, key => "...",

I have a define that looks like this: define user::sys_user($fullname, $uid, $groups, $shell=''/bin/bash'', $authkey, $authkey_type=rsa) { $username = "sys_${name}" group { $username: gid => $uid, } user { $username: require => Group[$username], ensure => present,

Hi all, I''m a new puppet user and I''m running into some weirdness around creating users on solaris. (puppet version 0.23.2) The virt_all_users way of managing users seems pretty reasonable, but I don''t see how to deal with user specific groups with that. I have: class virt_all_users { @user { "seph": ensure => "present",

I have about 30 dev. and operation users on my machines, is there a recipe anywhere for doing this? The best practices doc on the wiki is incomplete and confusing. Also, any workaround for the ssh_authorized_key bug in 24.8? All I really want to do is create users, home directories and put ssh keys in them, but it tries to add the keys first, so it doesn''t work.

I have a pretty simple setup. I''ve got a linux nat box, with some internal hosts. I''ve also got some servers in a dmz. It looks something like this: Internet | (external network) | | | | linux dmz nat hosts |

Hi, this might be a dumb question, but I''m not finding much information online. I''m trying to setup a 2.6 linux box to run nat across multiple upstream links as a simple way to aggregate bandwidth. I found the instructions in lartc section 4.2 (http://lartc.org/howto/lartc.rpdb.multiple-links.html) fairly clear and straightforward. I implemented those, and a couple of trivial

I''ve been using camptocamp''s iptables module. It works pretty well, lets me define rules in various modules, etc. Now I find myself needing to generate a commented list of it''s rules. I notice that the README has a nice exec suggestion. But, when I try it, I can''t get it to work. In my iptables/manifests/init.pp I have: Iptables { before =>

I can''t seem to get the authorized_key type to work at all on my systems. Below is my configuration that I used. I could have something missing but the examples I see make it difficult to compare. Additionally if I try and do the reverse using puppet resource nothing comes up: puppet resource ssh_authorized_key (this returns nothing) puppet resource ssh_authorized_key username

Puppet 0.24.8... I am trying to use ssh_authorized_key to create passwordless logins for a couple of accounts. The important thing to note is I''m trying to get the source ("root@somehost" below) as part of the key, and the same key needs to be added to two different accounts on the system. It appears that the resource name is the only place I can set the originating source

I''m trying to setup a puppetmaster, and I''ve got a couple of questions. The first, is a design question. Since I expect to eventually have multiple puppetmaster servers, I''d like to name this one to be named puppet1.example.com. But I''d like my clients to connect via a cname as puppet.example.com. Is this pretty standard? Is there some more common way?

Hello Im just been working with puppet, the first usecase i have is to set up a system to create users and then push ssh keys on this machines in the create users .ssh files. I just started with puppet so i am a bit cluesless, Can someone push me in the right direction? Im having a centos enviorment. -- You received this message because you are subscribed to the Google Groups "Puppet

Package: xen-hypervisor-3.0-unstable-1-i386-pae Version: 3.0-unstable+hg11561-1 It's great having a pae hypervisor packaged for debian, but it'd be a lot more useful with a pae kernel seph

Hello, I''m trying to reuse an ssh_authorized_key, but I''m having some problems. There was a recent thread about using the same key for different users, but I didn''t see any resolution there. My issue is a bit different. I''m currently using this key: class ssh_keys::all { class bob { ssh_authorized_key {"bob": name =>

puppet version 0.24.8 from debian lenny-backports My class works and resource created the authorized_keys file. But puppet detect as ensure absent and added again and again my authorized_keys got fews the same key lines. I added the target => ''/home/test/.ssh/authorized_keys'', again ensure is absent. I replace the ssh_authorized_key.rb from 0.25rc1 and again ensure is

Inspired by the recent thread titled "Array input of dirs, ensuring their existence" I thought I''d write up the problem I''m running into. I was chatting on irc about it, I don''t think puppet has a clean solution. Like the other poster, I''m defining an object that takes an array. In my case, I''m defining gpg keystore, which can contain a

Hi, I have this resource definition: ssh_authorized_key { "nagios@login2": key => [REDACTED] user => "nagios", type => "ssh-dss", require => Service[''nis''], } This nagios user comes from NIS, yp.conf and nsswitch.conf are handled by puppet and configured before the key. I still get an "User does not

Here is my situation: 1. We use Active directory (LDAP) to store all user info which is retrieved from linux 2. A home directory is not created until the first time the user logs into the linux system I am using the ssh_authorized_key type to push out my ssh keys to every system. However, because I haven''t logged into every system at least once. Puppet errors out due to a missing

Hi all, I have no problem with creating ssh keys for users, but as soon as I specify ''options'', puppet keeps repeating and replacing the key with an identical key. I have written the various options in various formats, like one big strings, as an array, with double quotes or single quotes, etc, etc (see examples below), but the issue stays as a string ... @authorizedkey {

I''m still thinking about how my puppet deployment will go. Right now, I''m thinking each of my machines will have their network interfaces defined/configured by puppet. But, I''d like to generate my zone files and dhcpd.conf from this data as well. How do people generally do this? I expect I''ll end up generating the nodes.pp files from some database, but