Puppet Function: ssh::validate_key_size

Defined in:
functions/validate_key_size.pp
Function type:
Puppet Language

Overview

ssh::validate_key_size(String $type, Integer $size)Any

This function validates a key size for a given type.

Parameters:

  • type (String)
  • size (Integer)

Returns:

  • (Any) 


3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
 
# File 'functions/validate_key_size.pp', line 3

function ssh::validate_key_size(
  String $type,
  Integer $size
) {

  case $type {
    'dsa': {
      if $size != 1024 {
        notify { 'Only SSH dsa keys of 1024 size are valid, proceeding as such': }
      }
      $size_final = 1024
    }
    'ecdsa': {
      if $size in [256, 384, 521] {
        $size_final = $size
      } else {
        fail('ECDSA keys may only be of length 256, 384, or 521')
      }
    }
    'ed25519': {
      if $size != 0 {
        notify { 'SSH ed25519 keys have a fixed length, size ignored': }
      }
      $size_final = undef
    }
    'rsa': {
      if ! $size {
        $size_final = 2048
      } elsif $size > 768 {
        $size_final = $size
      } else {
        fail('RSA keys must be at least 768 bits')
      }
    }
    'rsa1': {
      $size_final = $size
    }
    default: {}
  }
}