salt.states.ssh_auth¶

Control of entries in SSH authorized_key files.¶

The information stored in a user's ssh authorized key file can be easily controlled via the ssh_auth state. Defaults can be set by the enc, options, and comment keys. These defaults can be overridden by including them in the name.

AAAAB3NzaC1kc3MAAACBAL0sQ9fJ5bYTEyY==:
  ssh_auth:
    - present
    - user: root
    - enc: ssh-dss

thatch:
  ssh_auth:
    - present
    - user: root
    - source: salt://ssh_keys/thatch.id_rsa.pub

sshkeys:
  ssh_auth:
    - present
    - user: root
    - enc: ssh-rsa
    - options:
      - option1="value1"
      - option2="value2 flag2"
    - comment: myuser
    - names:
      - AAAAB3NzaC1kc3MAAACBAL0sQ9fJ5bYTEyY==
      - ssh-dss AAAAB3NzaCL0sQ9fJ5bYTEyY== user@domain
      - option3="value3" ssh-dss AAAAB3NzaC1kcQ9J5bYTEyY== other@testdomain
      - AAAAB3NzaC1kcQ9fJFF435bYTEyY== newcomment

salt.states.ssh_auth.absent(name, user, config='.ssh/authorized_keys')¶

Verifies that the specified ssh key is absent

name

The ssh key to manage

user

The user who owns the ssh authorized keys file to modify

config

The location of the authorized keys file relative to the user's home directory, defaults to ".ssh/authorized_keys"

salt.states.ssh_auth.present(name, user, enc='ssh-rsa', comment='', source='', options=None, config='.ssh/authorized_keys', **kwargs)¶

Verifies that the specified ssh key is present for the specified user

name

The ssh key to manage

user

The user who owns the ssh authorized keys file to modify

enc

Defines what type of key is being used, can be ecdsa ssh-rsa, ssh-dss

comment

The comment to be placed with the ssh public key

source

The source file for the key(s). Can contain any number of public keys, in standard "authorized_keys" format. If this is set, comment, enc, and options will be ignored.

options

The options passed to the key, pass a list object

config

The location of the authorized keys file relative to the user's home directory, defaults to ".ssh/authorized_keys"