Feature #4263
ssh_authorized_keys keeps changing options
| Status: | Closed | Start date: | 07/17/2010 | |
|---|---|---|---|---|
| Priority: | Normal | Due date: | ||
| Assignee: |  Nigel Kersten |
% Done: | 100% |
|
| Category: | - | |||
| Target version: | - | |||
| Affected Puppet version: | 0.25.4 | Branch: | ||
| Keywords: | ||||
| Votes: | 1 |
Description
If you look closely, there is no change:
puppetd[32320]: (//backuppc::client/Ssh_authorized_key[backuppc@backup.madduck.net]/options) options changed 'no-agent-forwarding,no-port-forwarding,no-pty,no-user-rc,no-X11-forwarding' to 'no-agent-forwarding,no-port-forwarding,no-pty,no-user-rc,no-X11-forwarding'
So it should not report a change.
History
Updated by Peter Meier almost 2 years ago
can you show us the ssh_authorized_keys recipt?
Updated by martin krafft almost 2 years ago
- % Done changed from 0 to 100
Here it is:
ssh_authorized_key{ "backuppc@backup.madduck.net":
ensure => "present",
type => "ssh-rsa",
key => "AAAAB3NzaC1yc2EAAAADAQABAAACAQDAptldEfx3gFLRGyRTGHBwWWTuIpj+slEl2t2qNk5Y0kHoacOczQByb
NPyx5VUosXu7asRh0FexwDVRkqsd735AEl/IkSqJj179QAZwghS8mhmy5quX7J32a687rsQU/j0A5tmbeJ0iJFXwym0QePuTseZEQFGMdYW9rMtmpIDn8qAHKTEabLEgIj7wCfXBb7AOp4toDoH2FsrxSoiqlFs0MxRh1iKPAIaCRK1eMk+i1+p+K3CpeMhVXL1JES7etV7/twHzUW4p+i8yyMh5zMqdb7+X531D7RQA8/elxKYztRSa+OMuqzTdtLvOBHqkJwu8vgadxMpSHl31xR3BTdGIak/Z3AdwkFJKK0UIHULJrZsIqk3dLTMetXNEQVOfHnXhr/saHsBdnDiHvTIrlvOE6Z8MAbc9S+FUWpLon6fwjld+P0ofMOGdLNEJ02X0VMU3O4eTtyIIJJmgL+GyRTNxVwa1yPyuohZeobx9Hg32zGPUyY/PikySsNYEYCw7/hX+CLzl9oyaBNPnY2Mui7LK2L+rJS/zbztDR09arB9jRdKIvT3nVpOtdFe0iDIm3w9aQCS7HQX3kt6yJc+bCnNqVOGXR/RIJ1QcdW4/BZjQaqo0Q9AXi1X2Ajgdq4eiOcqXFNaKJPuSfW93IhxdL6QifCeH5+BhoGuDxP+Iwr8oQ==",
options => "no-agent-forwarding,no-port-forwarding,no-pty,no-user-rc,no-X11-forwarding",
user => "root"
}
The issue is especially annoying since every time the file is rewritten, the date in the header changes, yielding a new checksum and hence a new file that’s written into the filebucket.
Thanks for your time!
Updated by Peter Meier almost 2 years ago
This is a known issue from http://docs.puppetlabs.com/references/stable/type.html :
OPTIONS Key options, see sshd(8) for possible values. Multiple values should be specified as an array
so
options => [ "no-agent-forwarding", "no-port-forwarding", "no-pty" , "no-user-rc", "no-X11-forwarding" ],
Will fix your problem.
Updated by martin krafft almost 2 years ago
Argh, I just missed it. Is there a reason why the type couldn’t accept both? Arrays are nice for computers, but they require a lot more typing.
Updated by James Turnbull almost 2 years ago
- Tracker changed from Bug to Feature
- Status changed from Unreviewed to Needs Decision
Updated by James Turnbull over 1 year ago
- Assignee set to Nigel Kersten
Updated by Nigel Kersten over 1 year ago
- Status changed from Needs Decision to Closed
martin krafft wrote:
Argh, I just missed it. Is there a reason why the type couldn’t accept both? Arrays are nice for computers, but they require a lot more typing.
They’re also a lot more robust in application, and offer a lot more in terms of appending/removing items, which we plan to do a lot more of in the future, and have proven invaluable in my experience when managing larger deployments.
We’ve had many bugs crop up over the years where we’ve accepted comma-delimited strings as well as arrays and this has caused problems.
We’re sticking with arrays for this.
Updated by martin krafft over 1 year ago
It needs not be a comma-delimited string, but just a string that, if present, gets used directly, instead of exploding the array.