Forge Home

sshkeymanager

publish your SSH Public Key configuration from SSH Key Manager to your hosts

9,878 downloads

9,019 latest version

3.8 quality score

We run a couple of automated
scans to help you access a
module's quality. Each module is
given a score based on how well
the author has formatted their
code and documentation and
modules are also checked for
malware using VirusTotal.

Please note, the information below
is for guidance only and neither of
these methods should be considered
an endorsement by Puppet.

Version information

  • 0.1.3 (latest)
  • 0.1.2
  • 0.1.1
  • 0.1.0
released May 14th 2015

Start using this module

  • r10k or Code Manager
  • Bolt
  • Manual installation
  • Direct download

Add this module to your Puppetfile:

mod 'hggh-sshkeymanager', '0.1.3'
Learn more about managing modules with a Puppetfile

Add this module to your Bolt project:

bolt module add hggh-sshkeymanager
Learn more about using this module with an existing project

Manually install this module globally with Puppet module tool:

puppet module install hggh-sshkeymanager --version 0.1.3

Direct download is not typically how you would use a Puppet module to manage your infrastructure, but you may want to download the module in order to inspect the code.

Download

Documentation

hggh/sshkeymanager — version 0.1.3 May 14th 2015

sshkeymanager Build Status

publish your SSH Key Manager configuration to your hosts via Puppet.

you need the SSH Key Manager Django Webapp: https://github.com/hggh/sshkeymanager-django

Vagrant Box available: https://github.com/hggh/sshkeymanager-vagrant

Table of Contents

  1. Overview
  2. Requirements
  3. Usage - Configuration options and additional functionality
  4. Parameters
  5. Hiera configuration
  6. SSH configuration

Overview

Puppet module to publish your SSH Key Manager configuration for your hosts via Puppet. This module requires to use the SSH Key Manager Application (Django Webapp) and export the configuration to JSON format for Hiera.

Requirements

  • puppetlabs/stdlib
  • Hiera

Usage

deployment of ssh public keys

use the main class for deploy your ssh public keys to your hosts.

class { 'sshkeymanager':
}

export ssh public key configuration from webapp to the puppet master

on your puppet master server the keys should exported. This class installs the api client programm, the cronjob and the directories:

class { 'sshkeymanager::puppet':
  directory => '/etc/sshkeymanager-hiera',
  storepath => '/etc/sshkeymanager-hiera/{environment}/nodes/{fqdn}.json',
  apikey    => 'your-api-key-from-django',
  address   => 'http://localhost:8000/api/getkeys/',
}

install the django webapp with the puppet module

class { 'sshkeymanager::webapp':
  django_secret_key => '23fdDfsd§sf#fdff§$3Ddd',
  api_keys          => [ 'foobar', 'examplekey' ],
}

Parameters

class { 'sshkeymanager':
  directory => '/etc/sshkeymanager',
}

Per default the sshkeymanager class uses the directory /etc/sshkeymanager. You can change the directory to your needs.

Hiera configuration

You need to add the json backend to your Hiera configuration:

---
:backends:
   - json
   - yaml
:hierarchy:
  - "nodes/%{clientcert}"
  - "%{environment}"
  - common
:json:
  :datadir: '/etc/sshkeymanager-hiera/%{environment}'

SSH configuration

You need to edit on all servers that uses the sshkeymanager class the SSHd configration to point to the directory there all keys are saved:

AuthorizedKeysFile /etc/sshkeymanager/%u 

To allow also user key in there own homedirectory you need to setup this:

AuthorizedKeysFile /etc/sshkeymanager/%u .ssh/authorized_keys

Using the SSH module(https://forge.puppetlabs.com/saz/ssh) from Puppet Forge it looks like:

class { 'ssh::server':
  options => {
    'AuthorizedKeysFile' => '/etc/sshkeymanager/%u',
  }
}