Strange. I see the 'users' and 'ssh-keys' cookbooks out there, but they only seem to deal with the authorized_keys file and pub keys, not managing the private keys, which is where I'm getting stuck.

I thought creating a template from a databag with the priv key in it would suffice, but I'm having issues populating a file's content with the item in the databag. My assumption is I am going about this in a completely wrong way.

On 09/02/2015 11:31 AM, Kevin Keane Subscription wrote:

Generally, with SSH keys you want to generate them where the private key is used. I would use a bash resource (assuming the node is Linux/Unix, of course) to call ssh-keygen. Have it put the private key into the correct place.

You can then copy the public key into an attribute on the node, and use that attribute in turn on the destination nodes.

Of course you can also use scp to copy the public key where it is needed, but that would mean more shell scripting and less Chef.

Hello, all.
What is the opscode-recommended method for managing ssh keys - private
keys in particular?
My aim is to create the rsa keypairs on source nodes, then have the pub
key added to another user's authorized_keys on destination nodes;
preferably in databags / encrypted. Ideally having unique keypairs for
each source node.
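
The approach suggested in the thread (generate the key pair on the node that uses the private key, then publish only the public key) can be sketched as follows. This is an added example, not part of the original messages and not code from any cookbook. It swaps ssh-keygen for Ruby's OpenSSL bindings so the logic could sit in a Chef ruby_block; `ensure_keypair`, the paths and the key comment are hypothetical.

```ruby
require 'openssl'
require 'fileutils'
require 'tmpdir'

# SSH wire "string": 4-byte big-endian length followed by the raw bytes.
def ssh_string(bytes)
  [bytes.bytesize].pack('N') + bytes.b
end

# SSH "mpint": big-endian magnitude, with a leading zero byte when the high
# bit is set so the value is not read as negative.
def ssh_mpint(bn)
  bytes = bn.to_s(2)
  bytes = "\x00".b + bytes if bytes.getbyte(0) >= 0x80
  ssh_string(bytes)
end

# Build the one-line authorized_keys entry for an RSA key.
def authorized_keys_line(key, comment)
  blob = ssh_string('ssh-rsa') + ssh_mpint(key.e) + ssh_mpint(key.n)
  "ssh-rsa #{[blob].pack('m0')} #{comment}"
end

# Create the private key only if it is absent (the same guard a Chef resource
# would express with not_if/creates), and return only the public half.
def ensure_keypair(private_path, comment)
  unless File.exist?(private_path)
    FileUtils.mkdir_p(File.dirname(private_path), mode: 0o700)
    key = OpenSSL::PKey::RSA.new(2048)
    # EXCL refuses to overwrite an existing key; 0600 is set at creation,
    # so the file is never briefly world-readable.
    File.open(private_path, File::WRONLY | File::CREAT | File::EXCL, 0o600) do |f|
      f.write(key.to_pem)
    end
  end
  key = OpenSSL::PKey::RSA.new(File.read(private_path))
  authorized_keys_line(key, comment)
end

if __FILE__ == $PROGRAM_NAME
  Dir.mktmpdir do |home|
    # Constructed sample: hypothetical user and node name.
    puts ensure_keypair(File.join(home, '.ssh', 'id_rsa'), 'deploy@source-node-1')
  end
end
```

The returned line is the only value that would go into a node attribute for the destination nodes' authorized_keys; the private key stays on the source node and is never written to a data bag.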