[rudder-users] Distribute sshkeys Rudder
Nicolas Charles
nicolas.charles at normation.com
Thu May 22 09:34:00 CEST 2014
On 20/05/2014 04:43, Benoit LAURENT wrote:
> Hello,
>
> Le 19/05/2014 19:34, Ben a écrit :
>>
>> Hello,
>>
>> I use Rudder to distribute ssh-keys in my servers.
>> I have configured technique for deploy ssh key for 2 users (benoit and
>> stef), and technique to create user (benoit and stef).
>> But after 2 days, only benoit keys user's is deploy on servers, stef
>> user does'not deploy.
>>
>> I debug cfengine in my client server I find file
>> /var/rudder/cfengine-community/inputs/sshKeyDistribution/2.0/sshKeyDistribution.cf,
>>
>> and inside I find :
>> "sshkey_distribution_name[1]" string => "benoit";
>> "sshkey_distribution_name[2]" string => "stef";
>>
>> "sshkey_distribution_key[1]" string => "ssh-dss [....]"
>> "sshkey_distribution_key[2]" string => "ssh-dss [...]"
>> And it is configured keys, but when I apply configuration It says:
>>
>> But my authorized key is empty:
>> ll /home/stef/.ssh/
>> total 0
>> -rw------- 1 stef stef 0 May 19 12:21 authorized_keys
>>
>
> I find the solution (I think). The key who have problem does'not
> terminate by "=". But I find in cfengine confs, a regexp for ssh key
> lines who = in the end is needed.
> expression =>
> regextract("(.*\s+)?(ssh-rsa|ssh-dss)\s+(\S{1,1000})\S*(\s+.+)?\Z",
> "${keyspec}", "keybits" );
>
> When I delete the "=" is this regexp is OK. Where is the standart who
> defines that ssh keys was terminate by egal ?
>
> Thanks for your help,
>
> Regards,
> Benoit
Hi Benoit,
Thank you for your feedback; indeed it is not mandatory for ssh keys to
finish by = ( http://tools.ietf.org/html/rfc4716 )
The existing ticket ( http://www.rudder-project.org/redmine/issues/4719
) has been updated with your finding
Regards
Nicolas
More information about the rudder-users
mailing list