22 |
require => Package["openssh-server"], |
require => Package["openssh-server"], |
23 |
content => template("openssh/sshd_config") |
content => template("openssh/sshd_config") |
24 |
} |
} |
25 |
|
|
26 |
|
|
27 |
|
class ssh_keys_from_ldap { |
28 |
|
|
29 |
|
package { 'python-ldap': |
30 |
|
ensure => installed, |
31 |
|
} |
32 |
|
|
33 |
|
$pubkeys_directory = "/var/lib/pubkeys" |
34 |
|
file { $pubkeys_directory: |
35 |
|
ensure => directory, |
36 |
|
owner => root, |
37 |
|
group => root, |
38 |
|
mode => 755, |
39 |
|
# before => Class["openssh"] |
40 |
|
} |
41 |
|
|
42 |
|
file { "$pubkeys_directory/root": |
43 |
|
ensure => directory, |
44 |
|
owner => root, |
45 |
|
group => root, |
46 |
|
mode => 700, |
47 |
|
} |
48 |
|
|
49 |
|
file { "$pubkeys_directory/root/authorized_keys": |
50 |
|
ensure => "/root/.ssh/authorized_keys", |
51 |
|
mode => 700, |
52 |
|
} |
53 |
|
|
54 |
|
$ldap_pwfile = "/etc/ldap.secret" |
55 |
|
file { '/usr/local/bin/ldap-sshkey2file.py': |
56 |
|
ensure => present, |
57 |
|
owner => root, |
58 |
|
group => root, |
59 |
|
mode => 755, |
60 |
|
content => template("restrictshell/ldap-sshkey2file.py"), |
61 |
|
require => Package['python-ldap'] |
62 |
|
} |
63 |
|
} |
64 |
} |
} |