Merge pull request #51 from mathieupotier/master

Put ssh keys on configured path in sshd_config (AuthorizedKeysFile)

openssh/auth.sls

@@ -38,12 +38,18 @@ include:
 {{ print_name(identifier, key) }}:
   ssh_auth.present:
     {{ print_ssh_auth(identifier, key) }}
+    {%- if 'sshd_config' in pillar and 'AuthorizedKeysFile' in pillar['sshd_config'] %}
+    - config: '{{ pillar['sshd_config']['AuthorizedKeysFile'] }}'
+    {% endif -%}
     - require:
       - service: {{ openssh.service }}
     {%- else %}
 {{ print_name(identifier, key) }}:
   ssh_auth.absent:
     {{ print_ssh_auth(identifier, key) }}
+    {%- if 'sshd_config' in pillar and 'AuthorizedKeysFile' in pillar['sshd_config'] %}
+    - config: '{{ pillar['sshd_config']['AuthorizedKeysFile'] }}'
+    {% endif -%}
     {%- endif -%}
   {%- endfor -%}
-{%- endfor -%}
+{%- endfor -%}

pillar.example

@@ -29,6 +29,7 @@ sshd_config:
   PermitEmptyPasswords: 'no'
   ChallengeResponseAuthentication: 'no'
   AuthenticationMethods: 'publickey,keyboard-interactive'
+  AuthorizedKeysFile: '%h/.ssh/authorized_keys'
   X11Forwarding: 'yes'
   X11DisplayOffset: 10
   PrintMotd: 'no'
@@ -86,16 +87,19 @@ openssh:
         present: True
         enc: ssh-rsa
         comment: main key - desktop
+        source: salt://ssh_keys/joe.desktop.pub
     joe-valid-ssh-key-notebook:
       - user: joe
         present: True
         enc: ssh-rsa
         comment: main key - notebook
+        source: salt://ssh_keys/joe.netbook.pub
     joe-non-valid-ssh-key:
       - user: joe
         present: False
         enc: ssh-rsa
         comment: obsolete key - removed
+        source: salt://ssh_keys/joe.no-valid.pub
 
   generate_dsa_keys: False
   absent_dsa_keys: False