1CDIST-TYPE__SSH_AUTHORIZED_KEYS(7)   cdist  CDIST-TYPE__SSH_AUTHORIZED_KEYS(7)
2
3
4

NAME

6       cdist-type__ssh_authorized_keys - Manage ssh authorized_keys files
7

DESCRIPTION

9       Adds or removes ssh keys from a authorized_keys file.
10
11       This  type uses the __ssh_dot_ssh type to manage the directory contain‐
12       ing the authorized_keys file. You can disable  this  feature  with  the
13       --noparent boolean parameter.
14
15       The  existence,  ownership  and permissions of the authorized_keys file
16       itself are also managed. This can be disabled with the --nofile boolean
17       parameter.  It  is then left to the user to ensure that the file exists
18       and that ownership and permissions work with ssh.
19

REQUIRED PARAMETERS

21       key    the ssh key which shall be added to this  authorized_keys  file.
22              Must be a string and can be specified multiple times.
23

OPTIONAL PARAMETERS

25       comment
26              explicit  comment  instead  of the one which may be trailing the
27              given key
28
29       file   an alternative destination file, defaults to ~$owner/.ssh/autho‐
30              rized_keys
31
32       option an option to set for all created authorized_key entries.  Can be
33              specified multiple times.  See sshd(8) for available options.
34
35       owner  the user owning the authorized_keys file, defaults to object_id.
36
37       state  if the given keys should be 'present' or 'absent',  defaults  to
38              'present'.
39

BOOLEAN PARAMETERS

41       noparent
42              don't  create  or change ownership and permissions of the direc‐
43              tory containing the authorized_keys file
44
45       nofile don't manage existence, ownership and  permissions  of  the  the
46              authorized_keys file
47

EXAMPLES

49          # add your ssh key to remote root's authorized_keys file
50          __ssh_authorized_keys root \
51             --key "$(cat ~/.ssh/id_rsa.pub)"
52
53          # allow key to login as user-name
54          __ssh_authorized_keys user-name \
55             --key "ssh-rsa AXYZAAB3NzaC1yc2..."
56
57          # allow key to login as user-name with options and expicit comment
58          __ssh_authorized_keys user-name \
59             --key "ssh-rsa AXYZAAB3NzaC1yc2..." \
60             --option no-agent-forwarding \
61             --option 'from="*.example.com"' \
62             --comment 'backup server'
63
64          # same as above, but with explicit owner and two keys
65          # note that the options are set for all given keys
66          __ssh_authorized_keys some-fancy-id \
67             --owner user-name \
68             --key "ssh-rsa AXYZAAB3NzaC1yc2..." \
69             --key "ssh-rsa AZXYAAB3NzaC1yc2..." \
70             --option no-agent-forwarding \
71             --option 'from="*.example.com"' \
72             --comment 'backup server'
73
74          # authorized_keys file in non standard location
75          __ssh_authorized_keys some-fancy-id \
76             --file /etc/ssh/keys/user-name/authorized_keys \
77             --owner user-name \
78             --key "ssh-rsa AXYZAAB3NzaC1yc2..."
79
80          # same as above, but directory and authorized_keys file is created elswhere
81          __ssh_authorized_keys some-fancy-id \
82             --file /etc/ssh/keys/user-name/authorized_keys \
83             --owner user-name \
84             --noparent \
85             --nofile \
86             --key "ssh-rsa AXYZAAB3NzaC1yc2..."
87

SEE ALSO

89       sshd(8)
90

AUTHORS

92       Steven Armstrong <steven-cdist--@--armstrong.cc>
93

COPYING

95       Copyright  (C)  2012-2014  Steven  Armstrong.  You  can redistribute it
96       and/or modify it under the terms of the GNU General Public  License  as
97       published  by  the  Free  Software  Foundation, either version 3 of the
98       License, or (at your option) any later version.
99
101       ungleich GmbH 2019
102
103
104
105
1066.4.0                            Jan 04, 2020CDIST-TYPE__SSH_AUTHORIZED_KEYS(7)
Impressum