On Mon, 3 Jun 2013 09:15:56 -0700 (PDT)
Marek Dohojda <chro...@gmail.com> wrote:
>
>
> On Saturday, June 1, 2013 1:59:36 PM UTC-6, Stefan Schulte wrote:
> >
> > On Fri, 31 May 2013 15:56:30 -0700 (PDT)
> > Marek Dohojda <chr...@gmail.com <javascript:>> wrote:
> >
> > > Having weird issue that I can't seem to find any solution to:
> > >
> > > puppet 2.7.21 and 2.6.9
> > >
> > > here is my stanza: ssh_authorized_key{ �$name�:
> > >
> > > ensure => present,
> > > name => "$name",
> > > key => "$key",
> > > type => $type,
> > > user => "$name",
> > > require => File["$myhome/.ssh"]
> > >
> > > }
> >
> > a common pitfall is that name contains spaces (at least trailing
> > spaces should cause issues) or that people specify the key
> > parameter as something like "ssh-rsa AAAAB3NzaC1kc3MAAA" while
> > instead you have to specify "AAAAB3NzaC1kc3MAAA" as the key and
> > "ssh-rsa" as the type.
> >
> > So does `$key` contain any spaces? Does `$name` contain any
> > trailing spaces?
> >
> > Can you please post one of the entries that is filling up
> > your /var/log/messages?
> >
> > -Stefan
> >
>
> I wish it was so simple :) I ensured the keys are fine, and there are
> no spaces.
>
> here is a sample (sanitized)
> (/Stage[main]/<class>/<class>::Mkuser[<user>]/Ssh_authorized_key[<user>]/ensure)
>
> created
>
>
>
>
>
>
So puppet thinks the key is absent otherwise it would not print this
message. But you also do not see duplicate key entries, right?
Without your actual manifest and the file content I can only take
guesses here:
- do you manage the authorized key file in any way besides
ssh_authorized_key resources? Are you sure you do not have some file
{ 'authorized_key' :ensure => absent} around that would cause puppet
to delete and recreate the file in every run?
- for security reasons the authorized_key file is modifed as the user
specified with the `user` parameter. Is this one able to read and
write to the file? Is `~username/.ssh/authorized_keys` owned by
the user specified with the `user` parameter?
- do you have the same key in another `authorized_key` file regardless
if you manage this second key with puppet or not? By the same key, I
mean an ssh key with the same comment (which puppet mapps to the
`name` parameter)
-Stefan
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.
