chef - [chef] Re: Re: Re: authentication of chef clients with a git repo

Subscribers: 1946
Owners
Bryan McLellan
Joshua Timberman
Nathen Harvey
Seth Chisamore
Serdar Sutay

Subscribe
Unsubscribe
Info
Archive

Post

RSS
Shared documents

General discussion about Chef

[chef] Re: Re: Re: authentication of chef clients with a git repo

From: John Merrells < >
To:
Subject: [chef] Re: Re: Re: authentication of chef clients with a git repo
Date: Thu, 15 Apr 2010 10:00:01 -0700

On Apr 15, 2010, at 9:52 AM, Jacobo García wrote:

> I'm thinking making a recipe that generates a ssh key on every client
> for the shell user that runs chef-client (root in my case), so when
> chef-client tries to pull the repo.
>
> This is what you refer?

Yes.

You'll also need the server key in the client's known_hosts file.

Note that you might find it more manageable to have the same
on all the client machines....

I have a recipe which creates the same

/root/.ssh/id_rsa
/root/.ssh/id_rsa.pub
/root/.ssh/knownhosts

on all the machines that pull from the same repo. Which in my
case is github.

But, yes different keys everywhere would be more secure.

John

--
John Merrells
http://johnmerrells.com
+1.415.244.5808

[chef] authentication of chef clients with a git repo, Jacobo García, 04/15/2010
- [chef] Re: authentication of chef clients with a git repo, John Merrells, 04/15/2010
  - [chef] Re: Re: authentication of chef clients with a git repo, Jacobo García, 04/15/2010
    - [chef] Re: Re: Re: authentication of chef clients with a git repo, John Merrells, 04/15/2010
      - [chef] Re: Re: Re: Re: authentication of chef clients with a git repo, Jacobo García, 04/15/2010