Hey, all; I have a number of application administration accounts which can be accessed via a select set of ssh keys. I've seen several pages/recipes for using virtual users and the ssh_authorized_key resource which look like they work well for adding and deleting keys; but, not necessarily for restricting access to *only* those keys.
More specifically, I have ~ 1200 hosts. On all of them, I have an admin account that should have ssh keys for four administrators. ~ 90% will have other admin accounts that will have an additional key in the file and a few outliers that will have 3 -4 other keys. Basically, what i"m looking for is having any keys that are not one of those automatically removed. Is there a way to do that outside of using a file resource? I'm still working my way through the ~38,000 google search results and am hoping to cut that work down a bit. Any hints greatly appreciated. Thanks Doug O'Leary -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/d3b3ca4d-209b-412e-8f03-afe3dc8d5328%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
