Defined Type: ssh::keygen

Defined in:
manifests/keygen.pp

Overview

This define handles generation of SSH keys through the use of the ssh-keygen(8) command.

Examples:

# Declares a 4096-bit RSA key. `user` and `target` are left at their defaults,
# so the command runs as root and writes to /root/.ssh/id_rsa.
ssh::keygen { 'Root RSA':
  size => 4096,
  type => 'rsa',
}

Parameters:

  • type (Enum['dsa', 'ecdsa', 'ed25519', 'rsa', 'rsa1']) (defaults to: 'rsa')
  • size (Optional[Integer]) (defaults to: undef)
  • passphrase (Optional[String]) (defaults to: undef)
  • target (Optional[String]) (defaults to: undef)
  • user (String) (defaults to: 'root')


# File 'manifests/keygen.pp', line 10

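# Generates an SSH key pair by running /usr/bin/ssh-keygen once, as $user.
#
# The exec is guarded by `creates => "${target_final}.pub"`, so it is skipped
# whenever the public key file already exists.
#
# @param type
#   Key type, passed to ssh-keygen as `-t`.
#   NOTE(review): 'dsa' and 'rsa1' are legacy types that current OpenSSH
#   releases may refuse to generate; confirm they are still needed.
# @param size
#   Key size in bits, passed as `-b`. When unset, ssh::default_key_size($type)
#   picks the value; otherwise it goes through ssh::validate_key_size().
# @param passphrase
#   Passphrase for the private key, passed as `-N`. The value becomes part of
#   the exec command string, so it is stored in the compiled catalog and is
#   visible in the process argument list while ssh-keygen runs.
#   NOTE(review): consider a Sensitive value or a key without a passphrase
#   protected by file permissions; when unset, no `-N` is passed at all, so
#   confirm ssh-keygen does not wait for a prompt in unattended runs.
# @param target
#   Path of the private key file, passed as `-f`. Defaults to
#   `<home>/.ssh/id_<type>`, where <home> is /root for root and /home/<user>
#   for every other user.
# @param user
#   Account the command runs as; also selects the default target path.
define ssh::keygen (
  Enum['dsa', 'ecdsa', 'ed25519', 'rsa', 'rsa1'] $type = 'rsa',
  Optional[Integer] $size                              = undef,
  Optional[String] $passphrase                         = undef,
  Optional[String] $target                             = undef,
  String $user                                         = 'root',
) {
  if !$size {
    $size_final = ssh::default_key_size($type)
  } else {
    $size_final = ssh::validate_key_size($type, $size)
  }

  if !$target {
    # Assumes the conventional home directory layout; accounts with a
    # different home directory must pass $target explicitly.
    $user_home = $user ? {
      'root'  => '/root',
      default => "/home/${user}",
    }
    $target_final = "${user_home}/.ssh/id_${type}"
  } else {
    $target_final = $target
  }

  # A string command containing quotes or other metacharacters is handed to a
  # shell by the exec provider. Escape every caller-supplied value so that a
  # passphrase or path containing quotes, `$`, backticks or spaces is passed
  # to ssh-keygen as one literal argument instead of being interpreted.
  # shell_escape() comes from puppetlabs-stdlib, like delete_undef_values().
  if $passphrase == undef {
    $passphrase_arg = undef
  } else {
    $passphrase_escaped = shell_escape($passphrase)
    $passphrase_arg = "-N ${passphrase_escaped}"
  }

  $target_escaped = shell_escape($target_final)

  $args = [
    "-t ${type}",
    $size_final ? { undef => undef, default => "-b ${size_final}" },
    $passphrase_arg,
    "-f ${target_escaped}",
  ]

  $args_final = delete_undef_values($args)
  $command = join($args_final, ' ')

  exec { "Generate ${type} SSH key for ${name}":
    command => "/usr/bin/ssh-keygen ${command}",
    # `creates` is a plain path checked by Puppet, so it stays unescaped.
    creates => "${target_final}.pub",
    user    => $user,
  }
}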