Defined Type: ssh::authorized_key

Defined in:
manifests/authorized_key.pp

Summary

Platform independent way to specify an SSH authorized key

Overview

Parameters:

  • user (String[1]) (defaults to: $title)

    The user account in which the SSH key should be installed.

  • ensure (Enum[present, absent]) (defaults to: 'present')

    The ensure value for the ssh authorized key resource.

  • key (Optional[Ssh::Key::String]) (defaults to: undef)

    The public key itself.

  • type (Ssh::Key::Type) (defaults to: 'ssh-rsa')

    The encryption type used.

  • options (Array[Ssh::Key::Option]) (defaults to: [])

    Key options; see sshd(8) for possible values.



12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
 
# File 'manifests/authorized_key.pp', line 12

define ssh::authorized_key (
  String[1]                  $user    = $title,
  Enum[present, absent]      $ensure  = 'present',
  Optional[Ssh::Key::String] $key     = undef,
  Ssh::Key::Type             $type    = 'ssh-rsa',
  Array[Ssh::Key::Option]    $options = [],
) {
  include ssh::params

  $use_file = $ssh::params::server_class ? {
    'ssh::server::chocolatey' => true,
    'ssh::server::cygwin'     => true,
    default                   => false,
  }

  if $use_file {
    if $ensure == present and $key {
      if $options.length() > 0 {
        $options_string = $options.join(',')
        $prefix = "${options_string} "
      } else {
        $prefix = undef
      }

      $line = "${prefix}${type} ${key} ${title}"
      concat::fragment { "ssh::authorized_key::file ${title} ${line}":
        order   => '10', # then ordered by title
        target  => "ssh::authorized_key::file ${user}",
        content => ssh::fix_eol("${line}\n"),
      }
    }
  } else {
    # ssh_authorized_key works on this platform
    ssh_authorized_key { $title:
      ensure  => $ensure,
      key     => $key,
      type    => $type,
      user    => $user,
      options => $options,
    }
  }
}