User story #4478


User story #4439: Technique 'ssh keys distribution': Have several keys per users

Improve the sshKeyDistribution Technique to have several keys per users, and overall technique improvement

Added by Nicolas CHARLES over 10 years ago. Updated over 9 years ago.

Target version:
UX impact:
Suggestion strength:
User visibility:
Effort required:
Name check:
Fix check:


New version of the sshKeyDistribution technique
The key definitions in the old technique were used verbatim, which made it impossible to update say, key comment, which would result into two key definitions for essentially the same key hash;
classes used to record the outcome would be defined globally, but the names are not specific enough (i.e. line_1_*) which may have created confusion if several rules are in effect on the same host (think of line_1_ok);
multiple keys for the same user within the same directive were not possible - I had to introduce a new component variable to work around that;
a special case for SuSE, which differs only in the gid for file ownership has been folded in using an array built conditionally depending on the OS;
a class name denoting existence for a user was renamed from index_*_exist to user_*_exist for clarity;
reports have been replaced with methods, which, I hope, makes it simpler to read;
classes to denote outcomes were also rewritten to use rudder_common_classes;
an additional edit has been introduced to ensure uniqueness of the defs in the files - this is done with a bundle remove_duplicate_lines (attached) which I have in my site library. If nobody thinks it is useful - just drop the third files promise, otherwise please feel free to include it either into the library or along with the technique (but probably in the latter case it should be given a more specific name, i.e. sshkey_remove_duplicate_lines.


Also available in: Atom PDF