Modifying OpenSSH formula state to populate public/private DSA and RSA keys based on pillar data
		
							parent
							
								
									244becf041
								
							
						
					
					
						commit
						92ac8a32aa
					
				@ -12,14 +12,56 @@ openssh:
 | 
			
		||||
      - file: sshd_banner
 | 
			
		||||
    - watch:
 | 
			
		||||
      - file: sshd_config
 | 
			
		||||
      {% if salt['pillar.get']('openssh:provide_dsa_keys', False) %}
 | 
			
		||||
      - file: /etc/ssh/ssh_host_dsa_key
 | 
			
		||||
      - file: /etc/ssh/ssh_host_dsa_key.pub
 | 
			
		||||
      {% endif %}
 | 
			
		||||
      {% if salt['pillar.get']('openssh:provide_rsa_keys', False) %}
 | 
			
		||||
      - file: /etc/ssh/ssh_host_rsa_key
 | 
			
		||||
      - file: /etc/ssh/ssh_host_rsa_key.pub
 | 
			
		||||
      {% endif %}
 | 
			
		||||
 | 
			
		||||
sshd_config:
 | 
			
		||||
  file.managed:
 | 
			
		||||
    - name: /etc/ssh/sshd_config
 | 
			
		||||
    - source: salt://openssh/files/sshd_config
 | 
			
		||||
    - user: root
 | 
			
		||||
    - mode: 600
 | 
			
		||||
 | 
			
		||||
sshd_banner:
 | 
			
		||||
  file.managed:
 | 
			
		||||
    - name: /etc/ssh/banner
 | 
			
		||||
    - source: salt://openssh/files/banner
 | 
			
		||||
    - template: jinja
 | 
			
		||||
 | 
			
		||||
{% if salt['pillar.get']('openssh:provide_dsa_keys', False) %}
 | 
			
		||||
ssh_host_dsa_key:
 | 
			
		||||
  file.managed:
 | 
			
		||||
    - name: /etc/ssh/ssh_host_dsa_key
 | 
			
		||||
    - contents_pillar: 'openssh:dsa:private_key'
 | 
			
		||||
    - user: root
 | 
			
		||||
    - mode: 600
 | 
			
		||||
 | 
			
		||||
ssh_host_dsa_key.pub:
 | 
			
		||||
  file.managed:
 | 
			
		||||
    - name: /etc/ssh/ssh_host_dsa_key.pub
 | 
			
		||||
    - contents_pillar: 'openssh:dsa:public_key'
 | 
			
		||||
    - user: root
 | 
			
		||||
    - mode: 600
 | 
			
		||||
{% endif %}
 | 
			
		||||
 | 
			
		||||
{% if salt['pillar.get']('openssh:provide_rsa_keys', False) %}
 | 
			
		||||
ssh_host_rsa_key:
 | 
			
		||||
  file.managed:
 | 
			
		||||
    - name: /etc/ssh/ssh_host_rsa_key
 | 
			
		||||
    - contents_pillar: 'openssh:rsa:private_key'
 | 
			
		||||
    - user: root
 | 
			
		||||
    - mode: 600
 | 
			
		||||
 | 
			
		||||
ssh_host_rsa_key.pub:
 | 
			
		||||
  file.managed:
 | 
			
		||||
    - name: /etc/ssh/ssh_host_rsa_key.pub
 | 
			
		||||
    - contents_pillar: 'openssh:rsa:public_key'
 | 
			
		||||
    - user: root
 | 
			
		||||
    - mode: 600
 | 
			
		||||
{% endif %}
 | 
			
		||||
 | 
			
		||||
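Review bot: The two private-key states (`ssh_host_dsa_key`, `ssh_host_rsa_key`) write `contents_pillar` through `file.managed` with diff output left at its default, so a changed host key will probably be printed as a unified diff in the state return and kept wherever job results are stored. Add `- show_changes: False` to both (the option is spelled `show_diff` on older Salt releases). The `.pub` states copy `mode: 600` from the private keys, though nothing on the page shows why the public halves need it; quoting the modes (`- mode: '0600'`, `'0644'` for `.pub`) and adding an explicit `- group: root` would make the intent unambiguous. The `openssh:` state that carries the new `watch` entries starts above the hunk.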
@ -0,0 +1,18 @@
 | 
			
		||||
#``openssh`` formula configuration:
 | 
			
		||||
openssh:
 | 
			
		||||
  dsa:
 | 
			
		||||
    private_key: |
 | 
			
		||||
      -----BEGIN DSA PRIVATE KEY-----
 | 
			
		||||
      NOT_DEFINED
 | 
			
		||||
      -----END DSA PRIVATE KEY-----
 | 
			
		||||
    public_key: |
 | 
			
		||||
      ssh-dss NOT_DEFINED
 | 
			
		||||
  provide_dsa_keys: False
 | 
			
		||||
  provide_rsa_keys: False
 | 
			
		||||
  rsa:
 | 
			
		||||
    private_key: |
 | 
			
		||||
      -----BEGIN RSA PRIVATE KEY-----
 | 
			
		||||
      NOT_DEFINED
 | 
			
		||||
      -----END RSA PRIVATE KEY-----
 | 
			
		||||
    public_key: |
 | 
			
		||||
      ssh-rsa NOT_DEFINED
 | 
			
		||||
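Review bot: The example gives no comment on how the real `private_key` values are to be protected, and its placeholders sit inside well-formed PEM armor. Anyone who copies it and flips `provide_rsa_keys` or `provide_dsa_keys` before replacing `NOT_DEFINED` would have the state in this commit overwrite the host key with an unusable file and, through its `watch`, restart sshd. I would add above `openssh:` a comment such as `# Real keys belong in a pillar targeted only at the owning minion, ideally GPG-encrypted; do not commit them.` and write the toggles as lowercase `false`. DSA host keys are disabled by default in current OpenSSH, so it is worth considering whether the `dsa` block should be offered at all.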