I have couple of Debian servers and currently I am struggling around with adding manually ssh keys to the server's authorized_keys files. Do you know an application which can do this in a nice semi-automated way? Ideally with a nifty interface, where I can see which keys are used on which server etc.?
I have just read in this posting about puppet, but I need to evaluate it a bit. Do you have any suggestions?
Asked
Active
Viewed 935 times
0
-
3LDAP? LDAP. LDAP! – Ignacio Vazquez-Abrams Apr 02 '12 at 08:31
-
Oh, ok. Didn't know this. Is this the normal way of handling this? – H6. Apr 02 '12 at 12:09
-
and setting up and maintaining a LDAP server seems to my like more additional work. But thanks for pointing this out, so I can taking this also into account. – H6. Apr 02 '12 at 12:27
-
possible duplicate of [Centralized management system for SSH keys?](http://serverfault.com/questions/304286/centralized-management-system-for-ssh-keys) – Jeff Ferland Apr 02 '12 at 23:26
1 Answers
2
Any change management system will do the trick; puppet and cfengine being the most used and either would do the job.
Personally, I favor puppet and the configuration to deploy SSH keys is built in and quite robust; it'd take only a few hours to deploy, get comfortable, and start using it for somthing as well-contained as ssh key management. Here is some useful documentation on doing just that:
http://projects.puppetlabs.com/projects/1/wiki/Authorized_Keys_Patterns
As a bonus side effect, you'd then have a deployment system for other management tasks you could leverage. :-)
Marc A. Pelletier
- 66
- 2
-
1To be fair, there is a learning curve. However, it's such a useful tool that soon you'll be looking for more things to manage. I started with simply managing ntpd.conf and sudoers. – Martijn Heemels Apr 02 '12 at 22:07