feat: sign ssh host keys
- manage python script/venv to sign ssh host certificates - add approle_id to puppetmaster eyaml files - add class to sign ssh-rsa host keys - add facts to check if the current principals match the desired principals
This commit is contained in:
@@ -0,0 +1,10 @@
|
||||
# frozen_string_literal: true
|
||||
|
||||
# lib/facter/sshd_host_cert_exists.rb
|
||||
require 'puppet'
|
||||
|
||||
Facter.add('sshd_host_cert_exists') do
|
||||
setcode do
|
||||
File.exist?('/etc/ssh/ssh_host_rsa_key-cert.pem')
|
||||
end
|
||||
end
|
||||
Reference in New Issue
Block a user