ssh-key declaration with same key name #3
Comments
|
Hi, Key names need to be unique, because they are setup in puppet using the "ssh_authorized_key" resource. And all resources need a unique name. I guess I could name the keys using the user and the key name, which would ensure that the resource name is unique. So yes this is on purpose, but not necessarily a good idea. For now, please keep using different names until I get a chance to fix this and update the documentation... maarten On 20 Aug 2013, at 15:06, tabletick [email protected] wrote:
|
|
Hi, I thought you've already done that: When you configured `key1= 'foofoo', I end up with I'm not sure why the module produces key1-key1key. From what I could quickly see was that you've used the username as well, therefore I got puzzled when you've mentioned you haven't done that yet. |
|
Ah yes so that's why I did that ;). I guess I could make the resource unique by using this mechanism and still use the key name provided by the user. This would cause less confusion perhaps? On 22 Aug 2013, at 15:58, tabletick [email protected] wrote:
|
|
Yes, I guess so. Alternatively you could mention it in your documentation. I guess that's why I made the mistake of choosing the same keyname in the first place. |
Definitely better :-) I needed that for our setup, having the module use the resource name as the key name was too restrictive. I modified the ssh_authorized_keys.pp manifest, adding the line below to the ssh_authorized_keys resource definition: name => $hash[$name]['name'],and in my hiera file added the 'name' parameter: This way you can deploy the same key to more than one user, with the same key name (i.e. key comment in authorized_keys file). |
|
Forgive my ignorance as I'm just starting with puppet and I've been trying to use the module without success :( I have the same issue (deploy the same key to different users) and I think that the key should always be unique, since the resource name includes both the user and the key name in ssh_authorized_keys.pp: ssh_authorized_key { "${user}-${name}" :
...
}However, it seems to me that the problem is actually not with the resource 'ssh_authorized_key' but with 'users::ssh_authorized_keys' in setup.pp and I'm unable to make it work. I tried the suggestion given by @noemif but it didn't work too. I guess there's more somewhere. I'm sure I'm missing something...
This is how my yaml looks like now (I've tried it in different ways though. Different values for the key 'name', without the key 'name' and so on... The only thing that actually worked was changing the key name to something unique): users_admins:
adm:
ensure: present
comment: Admin
uid: 45001
managehome: true
ssh_authorized_keys:
luis.alen:
name: 'luis.alen'
ensure: present
type: 'ssh-rsa'
key: 'mykeydata=='
users_developers:
dev:
ensure: present
uid: 45000
comment: Developer
managehome: true
ssh_authorized_keys:
luis.alen:
name: 'luis.alen'
ensure: present
type: 'ssh-rsa'
key: 'mykeydata=='@noemif, was the ssh_authorized_keys resource definition all you changed to make it work? |
|
+1 for fixing this |
|
+1, running into this same issue as well |
Hi,
when declaring two users with the same key name, an error is returned
Error:
Changing this to different names for the keys fixes the issue. But since this isn't pointed out in the documentation, I wonder if this is on purpose.
The text was updated successfully, but these errors were encountered: