将现有的ssh authorized_keys导入puppet资源

时间:2013-02-11 08:40:07

标签: ssh puppet

有没有办法将/root/.ssh/authorized_keys中的所有现有ssh密钥自动导入puppet?例如:

如果我在/root/.ssh/ssh_authorized_keys中有以下内容:

ssh-rsa AAAAakljsehrkjysdfjkhasdkfhskjghg== userA@hostA
ssh-rsa AAAAajklrkljeykljrsyehkrjryekjdkj== userB@hostB

我想运行类似的东西:

puppet resource ssh_authorized_key

并获得以下输出:

ssh_authorized_key {'userA':
    ensure => present,
    key    => 'AAAAakljsehrkjysdfjkhasdkfhskjghg==',
    type   => 'ssh-rsa',
    name   => 'userA@hostA',
    user   => 'root',
}
ssh_authorized_key {'userB':
    ensure => present,
    key    => 'AAAAajklrkljeykljrsyehkrjryekjdkj==',
    type   => 'ssh-rsa',
    name   => 'userB@hostB',
    user   => 'root',
}

这有可能吗?

1 个答案:

答案 0 :(得分:6)

可能有点矫枉过正,但您可以运行blueprint并获取所需的部分或简单的bash脚本:

while read line; do 
    keytype=$(echo $line | awk '{print $1}'); 
    keystr=$(echo $line | awk '{print $2}'); 
    username=$(echo $line | awk '{print $3}');

    echo "ssh_authorized_key {'$(echo $username | awk -F'@' '{print $1}')':"; 
    echo "  ensure => present,"; 
    echo "  key => '$keystr',"; 
    echo "  type => '$keytype',"; 
    echo "  name => '$username',"; 
    echo "  user => '$(whoami)',"; 
    echo "}"; 
done < .ssh/authorized_keys

来源:http://shtuff.it/article/7/Generate_Puppet_ssh_authorized_keys_resource_from_existing_keys