
Merge pull request #38 from aboe76/remove_host_key_via_pillar

Add option to remove ssh_host_keys
master
Forrest 9 years ago
parent
commit
f15a112e13
2 changed files with 13 additions and 0 deletions
  1. +9
    -0
      openssh/config.sls
  2. +4
    -0
      pillar.example

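--- a/openssh/config.sls
+++ b/openssh/config.sls
 - creates: /etc/ssh/ssh_host_{{ keyType }}_key
 - user: root
 
+{% elif salt['pillar.get']('openssh:absent_' ~ keyType ~ '_keys', False) %}
+ssh_host_{{ keyType }}_key:
+file.absent:
+- name: /etc/ssh/ssh_host_{{ keyType }}_key
+
+ssh_host_{{ keyType }}_key.pub:
+file.absent:
+- name: /etc/ssh/ssh_host_{{ keyType }}_key.pub
+
 {% elif salt['pillar.get']('openssh:provide_' ~ keyType ~ '_keys', False) %}
 ssh_host_{{ keyType }}_key:
 file.managed: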
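Review bot: The two new `file.absent` states under the `openssh:absent_<type>_keys` branch delete the key files but, as far as this hunk shows, nothing notifies the sshd service, so a running daemon would keep offering the retired host key from memory until its next restart. If the formula's service state supports it, add a `watch_in` on that service to both states, for example `- watch_in:` followed by `- service: <sshd-service-state-id>` (a placeholder for the ID defined outside this hunk). Because the branch is an `elif`, a pillar that also sets the matching `generate_` flag presumably never reaches it, and `absent_` silently wins over `provide_`; a Jinja comment above the branch such as `{# absent_*_keys is ignored when generate_*_keys is set and overrides provide_*_keys #}` would make that precedence explicit. The enclosing `if` chain starts and ends outside the hunk, so it is worth confirming that at least one host key type stays present before setting the flag for every type.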

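--- a/pillar.example
+++ b/pillar.example
 comment: obsolete key - removed
 
 generate_dsa_keys: False
+absent_dsa_keys: False
 provide_dsa_keys: False
 dsa:
 private_key: |
 ssh-dss NOT_DEFINED
 
 generate_ecdsa_keys: False
+absent_ecdsa_keys: False
 provide_ecdsa_keys: False
 ecdsa:
 private_key: |
 ecdsa-sha2-nistp256 NOT_DEFINED
 
 generate_rsa_keys: False
+absent_rsa_keys: False
 provide_rsa_keys: False
 rsa:
 private_key: |
 ssh-rsa NOT_DEFINED
 
 generate_ed25519_keys: False
+absent_ed25519_keys: False
 provide_ed25519_keys: False
 ed25519:
 private_key: |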
