[OOTB-infra] ssh pubkeys
Martin Cosgrave
martin at ocretail.com
Wed Feb 18 13:17:10 GMT 2015
Foreman/puppet can manage the ssh keys and users for each machine in its
control, so what I can do is create a puppet manifest with authorised
users' usernames and keys in, and apply that to the configuration of
every machine. This means that puppet will constantly keep the
authorized_keys updated and if we want to remove a key from all servers
we can do so very easily from a single configuration.
Therefore if you would like to send me your public ssh keys, please do
so. I will add you as a user to the manifest along with your keys, so
you should be able to log on to all puppet-managed machines
We can selectively apply the keys on a per-machine basis, for example we
may define flags such as 'allow_devs' 'allow_testers' etc. and apply
them differently to each machine.
More information about the OOTB-infra
mailing list