Where is the ssh_known_hosts file generated by sshkey?

Clay

Jul 10, 2012, 8:00:27 PM
to puppet...@googlegroups.com
Hi,
I was testing Puppet exported resources as in http://docs.puppetlabs.com/guides/exported_resources.html and I had this test class (code is from another post).

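class ssh_known_hosts {
  case $sshrsakey {
    # No RSA host key fact reported by this node: log an alert, export nothing
    '': { alert("No sshrsakey found for $fqdn") }
    default: {
      # Export this node's host key to the storeconfigs database
      @@sshkey { $fqdn:
        ensure       => present,
        host_aliases => [$hostname, $ipaddress],
        key          => $sshrsakey,
        type         => rsa,
      }
    }
  }
  # Collect every exported sshkey resource, including this node's own
  Sshkey <<||>>
}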

I ran it from clients:

host1:/etc/puppet # puppet agent --test --environment dev
info: Caching catalog for host1.domain.com
info: Applying configuration version '1341963662'
...

notice: /Stage[main]/Ssh_known_hosts/Sshkey[host1.domain.com]/ensure: created
notice: Finished catalog run in 0.56 seconds

It shows the entry created, but where is the file on the puppet master server? I checked /etc/ssh_known_hosts (I created an empty one), but it's still empty.

The puppet master is configured with puppetdb and it's working, and I have this in puppet.conf:

    storeconfigs = true
    storeconfigs_backend = puppetdb


Thanks. 

Clay

jcbollinger

Jul 11, 2012, 8:44:54 AM
to puppet...@googlegroups.com


On Tuesday, July 10, 2012 7:00:27 PM UTC-5, Clay wrote:
> Hi,
> I was testing Puppet exported resources as in http://docs.puppetlabs.com/guides/exported_resources.html and I had this test class (code is from another post).
>
> class ssh_known_hosts{
>         case $sshrsakey {
>                 '': { alert("No sshrsakey found for $fqdn") }
>                 default: {
>
>                   @@sshkey { $fqdn:
>                         ensure         => present,
>                         host_aliases   => [$hostname, $ipaddress],
>                         key            => $sshrsakey,
>                         type           => rsa,
>                   }
>                 }
>           }
>     Sshkey <<||>>
> }
>
> I ran it from clients:
>
> host1:/etc/puppet # puppet agent --test --environment dev
> info: Caching catalog for host1.domain.com
> info: Applying configuration version '1341963662'
> ...
>
> notice: /Stage[main]/Ssh_known_hosts/Sshkey[host1.domain.com]/ensure: created
> notice: Finished catalog run in 0.56 seconds
>
> It shows the entry created, but where is the file on the puppet master server? I checked /etc/ssh_known_hosts (I created an empty one), but it's still empty.

According to the docs (http://docs.puppetlabs.com/references/latest/type.html#sshkey), the Sshkey resource manages /etc/ssh/ssh_known_hosts.


John

Felix Frank

Jul 11, 2012, 10:26:13 AM
to puppet...@googlegroups.com
Hi,

On 07/11/2012 02:00 AM, Clay wrote:
> It shows the entry created, but where is the file on the puppet master
> server? I checked /etc/ssh_known_hosts (I created an empty one), but
> it's still empty.

You are mistaken.

Exported resources are stored *in the database on the master*. The
master won't get the resources, unless you have an agent on the master
node (most people do) and this agent collects the stored resources.

What happened here is that the agent on host1 exported its own key and
subsequently added it to its own known hosts. Your manifest works such
that each host adds all hosts, including itself.

Cheers,
Felix
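
The export/collect behaviour described in the reply above, as an added example (not code from this thread or from the Puppet project), written in the same Puppet 2.7-era syntax as the original class. Exporting and collecting are split into two classes so it is visible that the master only gets entries once its own agent applies the collector; the class names ssh_hostkey::export and ssh_hostkey::collect and the node name puppetmaster.domain.com are assumptions.

```puppet
# Hypothetical class: every node that should be known to others exports its
# own RSA host key. The @@ prefix only stores the resource in the
# storeconfigs backend (PuppetDB in this thread); on its own it writes
# nothing to any known_hosts file.
class ssh_hostkey::export {
  case $::sshrsakey {
    '': { alert("No sshrsakey found for ${::fqdn}") }
    default: {
      @@sshkey { $::fqdn:
        ensure       => present,
        host_aliases => [$::hostname, $::ipaddress],
        key          => $::sshrsakey,
        type         => rsa,
      }
    }
  }
}

# Hypothetical class: a node gets entries in /etc/ssh/ssh_known_hosts only
# when its own agent run applies a catalog containing this collector.
class ssh_hostkey::collect {
  Sshkey <<| |>>
}

# A client that both publishes its key and trusts all exported keys,
# which is what the single class in the original post does.
node 'host1.domain.com' {
  include ssh_hostkey::export
  include ssh_hostkey::collect
}

# The master is just another node: nothing appears in its known hosts file
# until an agent runs on it and collects. Placeholder node name.
node 'puppetmaster.domain.com' {
  include ssh_hostkey::collect
}
```

The collected entries are written to /etc/ssh/ssh_known_hosts, the path given in the sshkey type documentation, not /etc/ssh_known_hosts.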

Clay

Jul 11, 2012, 2:31:19 PM
to puppet...@googlegroups.com

Thanks. I see the ssh_known_hosts file on client1 under /etc/ssh now.

Clay