* Jeremy Mates <[EMAIL PROTECTED]> [16.12.2005 22:36]:
> Could you adjust the from="" statement and other SSH options based on
> class using editfiles?
The key fingerprint makes an excellent match criteria, e.g.
DeleteLinesContaining "AAAAB3NzaC1..."
AppendIfNoSuchLine "from=\"10.1.1.1\" ssh-rsa AAAAB3NzaC1..."
> How easily can you drop the same deployment SSH key into, say, all the
> "tomcat" group role accounts... do you have to duplicate the public
> key into the different editfiles blocks?
Define your keys in the control section:
control:
joe = ( "ssh-rsa AAAAB3NzaC1..." )
bob = ( "ssh-rsa AAAAB3NzaC1..." )
editfile:
{ /this/.ssh/authorized_keys
AutoCreate
Backup "off"
DeleteLinesContaining "$(joe)"
DeleteLinesContaining "$(bob)"
AppendIfNoSuchLine "$(joe)"
}
{ /that/.ssh/authorized_keys
AutoCreate
Backup "off"
DeleteLinesContaining "$(joe)"
DeleteLinesContaining "$(bob)"
AppendIfNoSuchLine "$(bob)"
}
Regards,
Armin Wolfermann
_______________________________________________
Help-cfengine mailing list
[email protected]
http://lists.gnu.org/mailman/listinfo/help-cfengine
