* Luke Youngblood <[EMAIL PROTECTED]> [18.05.2005 07:19]:
> 1. Has anyone implemented an authorized_keys distribution system that
> uses editfiles rather than copy?
I'm using something like:
{ /root/.ssh/authorized_keys
AutoCreate
Backup "off"
DeleteLinesStarting "ssh-rsa AAAA..... revoked"
AppendIfNoSuchLine "ssh-rsa AAAA..... admin"
}
> 2. Do you think it would be possible to build an authorized_keys file
> on the fly if you had each sysadmin's public key as a line in an editfiles
> statement?
See above.
> 3. Taking this even further, could a sysadmin's public key
> automatically be copied from their home directory and updated on the master
> cfengine repository to be included in an editfiles statement. (This last
> action would allow anyone to regenerate their ssh key using ssh-keygen and
> have cfengine automatically update all authorized_keys files on all servers
> they have access to)
A little perl on the repository server could do this, but I don't see
that much changes on admin keys.
Regards,
Armin Wolfermann
_______________________________________________
Help-cfengine mailing list
[email protected]
http://lists.gnu.org/mailman/listinfo/help-cfengine
