Open
Description
I'm trying to add a CA via a @cert-authority * <key type> <key>
line in the /etc/ssh/ssh_known_hosts` file.
There's no direct support in sshkeys-core, so I tried adding one via file_line:
file_line { 'add ssh ca to ssh_known_hosts':
path => '/etc/ssh/ssh_known_hosts',
line => "@cert-authority * ${ssh_ca_public_key}",
match => '^@cert-authority \* ',
}
but when I do that, I get an error on the next puppet run
Error: /Stage[main]/Ssh/Resources[sshkey]: Failed to generate additional resources using 'generate': Parameter type failed on Sshkey[@]: Invalid value "cert-authority@*". Valid values are ssh-dss, ssh-ed25519, ssh-rsa, ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, ecdsa-sha2-nistp521, sk-ecdsa-sha2-nistp256@openssh.com, sk-ssh-ed25519@openssh.com.
looks like there's an sshkey type that may need to be updated.
I'm using these in my Puppetfile:
mod "ghoneycutt-ssh", "5.1.1"
mod 'puppetlabs-sshkeys_core', '2.5.1'
Metadata
Metadata
Assignees
Labels
No labels