I'm new to Puppet (open source version) and have a relatively straightforward question.
When I bring up a new host, I'd like the puppetmaster to add the new host's public RSA key to /etc/ssh/ssh_known_hosts, so that the updated ssh_known_hosts file is available to be pulled down by puppet agents.
I've tried the sshkey resource:
# /etc/puppet/modules/ssh/manifests/client.pp
sshkey { $hostname:
  ensure => present,
  type   => "rsa",
  key    => $sshrsakey,
}
However, ssh_known_hosts does not appear to be modified on the puppetmaster, or on the agent for that matter. My manifest passes syntax validation when I run puppet parser validate client.pp, and running puppet agent --test on the agent does not report any issues.
Do I have to have Stored Configs set up in order to use the sshkey resource? I like the features of Stored Configs, but it seems like overkill for what I need and seems to add lots of overhead. My other option is to spit the $sshrsakey fact to a file, but it will need to check for the existence of the public key so it doesn't get added more than once.
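The fallback described in the last paragraph, as an added example that is not part of the original post: a POSIX shell function that appends a host's key to a known_hosts-style file only when it is absent, and refuses to overwrite when the host is already listed with a different key of the same type. The function name, argument order and return codes are hypothetical, and it assumes plain (unhashed) entries without markers such as @cert-authority.

```shell
#!/bin/sh
# Added example (not from the original post). Names are hypothetical.
# Usage: add_known_host FILE HOST KEYTYPE KEY
#   KEY is the base64 key body (the kind of value the post takes from
#   the sshrsakey fact); KEYTYPE is e.g. ssh-rsa.
# Returns 0 if the entry was added or was already present,
#         2 if HOST is already listed with a different KEYTYPE key
#           (the file is left untouched so a changed key gets reviewed).
add_known_host() {
    file=$1
    host=$2
    keytype=$3
    key=$4
    entry="$host $keytype $key"

    # Create the file if it does not exist yet.
    [ -e "$file" ] || : > "$file"

    # Exact line already present: nothing to do (this is the
    # "don't add it more than once" check).
    if grep -qxF -- "$entry" "$file"; then
        return 0
    fi

    # Host already listed (possibly in a comma-separated name list) with
    # the same key type but a different key: report it, do not overwrite.
    if awk -v h="$host" -v t="$keytype" '
            { n = split($1, names, ",")
              for (i = 1; i <= n; i++)
                  if (names[i] == h && $2 == t) found = 1 }
            END { exit !found }' "$file"; then
        echo "known_hosts: $host already has a different $keytype key" >&2
        return 2
    fi

    # New host (or new key type for a known host): append one line.
    printf '%s\n' "$entry" >> "$file"
}
```

Treating a changed key as an error rather than replacing it keeps a rebuilt or impersonated host from silently updating the trusted-keys file.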