Provides 2 LWRPs to manage system-wide and per-user `ssh_config` and `known_hosts` files.

When using SSH with Chef deployments, it's crucial to avoid any prompts for input. Adding entries to `known_hosts` files and better managing your per-connection configuration can help with this.

An important thing to note: if you create a user during a Chef run, be sure to reload the Ohai data so that the new user will be in the node data. For instance:

```ruby
# Reload the passwd plugin so users created earlier in this run appear in node data
ohai "reload_passwd" do
  plugin "passwd"
end
```

| Action | Description | Default |
|--------|-------------|---------|
| add | Adds an entry for the given host to a `known_hosts` file | Yes |
| remove | Removes entries for a host from a `known_hosts` file | |

| Attribute | Description | Default Value |
|-----------|-------------|---------------|
| host | Name attribute: the FQDN for a host to add to a `known_hosts` file | nil |
| hashed | A Boolean indicating if SSH is configured to use a hashed `known_hosts` file. | true |
| key | A full line to add to the file, instead of performing a lookup for the host. | nil |
| user | A username to add the `known_hosts` entry for. If unspecified, the `known_hosts` entry will be added system-wide. Note: if specified, the user must already exist. | nil |
| path | A full path to a `known_hosts` file. If used with the `user` attribute, this will take precedence over the path to a user's file, but the file will be created (if necessary) as that user. | nil |

```ruby
ssh_known_hosts "github.com" do
  hashed true
  user 'webapp'
end
```
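
How a hashed `known_hosts` entry (the `hashed` attribute above) is matched against a hostname, and how to confirm that a pinned key is recorded before a non-interactive run. This is an added example, not the cookbook's own code; the function names, the host `git.example.com` and the key strings are constructed for illustration, and only exact host matches are handled (no wildcards or `[host]:port` forms).

```ruby
require 'openssl'

# OpenSSH hashed host field: "|1|" + base64(salt) + "|" + base64(HMAC-SHA1(salt, host)).
def hash_host(host, salt = OpenSSL::Random.random_bytes(20))
  mac = OpenSSL::HMAC.digest('SHA1', salt, host)
  "|1|#{[salt].pack('m0')}|#{[mac].pack('m0')}"
end

# True if a known_hosts host field (plain or hashed) names `host` exactly.
def host_field_matches?(field, host)
  if field.start_with?('|1|')
    _, _, salt_b64, mac_b64 = field.split('|')
    return false unless salt_b64 && mac_b64
    # Recompute the HMAC with the stored salt and compare with the stored value.
    OpenSSL::HMAC.digest('SHA1', salt_b64.unpack1('m'), host) == mac_b64.unpack1('m')
  else
    field.split(',').include?(host) # plain form: comma-separated names/addresses
  end
end

# [keytype, base64key] pairs recorded for `host`; comments and
# @cert-authority/@revoked marker lines are skipped.
def keys_for_host(known_hosts_text, host)
  known_hosts_text.each_line.filter_map do |line|
    line = line.strip
    next if line.empty? || line.start_with?('#', '@')
    hosts, type, key = line.split
    next unless hosts && type && key
    [type, key] if host_field_matches?(hosts, host)
  end
end

# True only if the expected (pinned) key is recorded for the host.
def pinned?(known_hosts_text, host, type, key)
  keys_for_host(known_hosts_text, host).include?([type, key])
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample: placeholder key material, not a real host key.
  sample = <<~KNOWN_HOSTS
    #{hash_host('git.example.com')} ssh-ed25519 AAAAC3-constructed-placeholder-key
    build.example.com,192.0.2.10 ssh-rsa AAAAB3-constructed-placeholder-key
  KNOWN_HOSTS
  puts pinned?(sample, 'git.example.com', 'ssh-ed25519', 'AAAAC3-constructed-placeholder-key')
  puts pinned?(sample, 'git.example.com', 'ssh-ed25519', 'some-other-key')
end
```

Because the salt is random per entry, a hashed file cannot be searched with a plain string match; each entry's HMAC has to be recomputed with its own salt, as `host_field_matches?` does.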

| Action | Description | Default |
|--------|-------------|---------|
| add | Adds an entry for the given host to an `ssh_config` file | Yes |
| remove | Removes entries for a host from an `ssh_config` file | |

| Attribute | Description | Default Value |
|-----------|-------------|---------------|
| host | Name attribute: the string to match when connecting to a host. This can be an IP, FQDN (github.com), or contain wildcards (`*.prod.corp`) | nil |
| options | A hash containing the key-values to write for the host in | true |
| user | A username to add the `ssh_config` entry for. If unspecified, the entry will be added system-wide. Note: if specified, the user must already exist. | nil |
| path | A full path to a known_hosts file. If used with the `user` attribute, this will take precedence over the path to a user's file, but the file will be created (if necessary) as that user. | nil |

```ruby
ssh_config "github.com" do
  options 'User' => 'git', 'IdentityFile' => '/var/apps/github_deploy_key'
  user 'webapp'
end
```