1CDIST-TYPE__SSH_AUTHORIZED_KEYS(7) cdist CDIST-TYPE__SSH_AUTHORIZED_KEYS(7)
4
6 cdist-type__ssh_authorized_keys - Manage ssh authorized_keys files
7
9 Adds or removes ssh keys from an authorized_keys file.
10
11 This type uses the __ssh_dot_ssh type to manage the directory contain‐
12 ing the authorized_keys file. You can disable this feature with the
13 --noparent boolean parameter.
14
15 The existence, ownership and permissions of the authorized_keys file
16 itself are also managed. This can be disabled with the --nofile boolean
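17 parameter. It is then left to the user to ensure that the file exists
18 and that ownership and permissions work with ssh: unless StrictModes is disabled in sshd_config, sshd will not use an authorized_keys file that is writable by other users.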
19
21 key the ssh key which shall be added to this authorized_keys file.
22 Must be a string and can be specified multiple times.
23
25 comment
26 explicit comment instead of the one which may be trailing the
27 given key
28
29 file an alternative destination file, defaults to ~$owner/.ssh/autho‐
30 rized_keys
31
32 option an option to set for all created authorized_keys entries. Can be
33 specified multiple times. See sshd(8) for available options.
34
35 owner the user owning the authorized_keys file, defaults to object_id.
36
37 state if the given keys should be 'present' or 'absent', defaults to
38 'present'.
39
41 noparent
42 don't create or change ownership and permissions of the direc‐
43 tory containing the authorized_keys file
44
45 nofile don't manage existence, ownership and permissions of the
46 authorized_keys file
47
49 # add your ssh key to remote root's authorized_keys file
50 __ssh_authorized_keys root \
51 --key "$(cat ~/.ssh/id_rsa.pub)"
52
53 # allow key to login as user-name
54 __ssh_authorized_keys user-name \
55 --key "ssh-rsa AXYZAAB3NzaC1yc2..."
56
57 # allow key to login as user-name with options and explicit comment
58 __ssh_authorized_keys user-name \
59 --key "ssh-rsa AXYZAAB3NzaC1yc2..." \
60 --option no-agent-forwarding \
61 --option 'from="*.example.com"' \
62 --comment 'backup server'
63
64 # same as above, but with explicit owner and two keys
65 # note that the options are set for all given keys
66 __ssh_authorized_keys some-fancy-id \
67 --owner user-name \
68 --key "ssh-rsa AXYZAAB3NzaC1yc2..." \
69 --key "ssh-rsa AZXYAAB3NzaC1yc2..." \
70 --option no-agent-forwarding \
71 --option 'from="*.example.com"' \
72 --comment 'backup server'
73
74 # authorized_keys file in non standard location
75 __ssh_authorized_keys some-fancy-id \
76 --file /etc/ssh/keys/user-name/authorized_keys \
77 --owner user-name \
78 --key "ssh-rsa AXYZAAB3NzaC1yc2..."
79
80 # same as above, but directory and authorized_keys file are created elsewhere
81 __ssh_authorized_keys some-fancy-id \
82 --file /etc/ssh/keys/user-name/authorized_keys \
83 --owner user-name \
84 --noparent \
85 --nofile \
86 --key "ssh-rsa AXYZAAB3NzaC1yc2..."
87
89 sshd(8)
90
92 Steven Armstrong <steven-cdist--@--armstrong.cc>
93
95 Copyright (C) 2012-2014 Steven Armstrong. You can redistribute it
96 and/or modify it under the terms of the GNU General Public License as
97 published by the Free Software Foundation, either version 3 of the
98 License, or (at your option) any later version.
99
101 ungleich GmbH 2019
102
1066.3.0 Dec 12, 2019CDIST-TYPE__SSH_AUTHORIZED_KEYS(7)