move the ldap key from ssh logic to openssh module ( more logical ), and add the hook in openssh config file

author: Michael Scherer <misc@mageia.org> 2010-11-23 23:17:47 +0000
committer: Michael Scherer <misc@mageia.org> 2010-11-23 23:17:47 +0000
commit: 0b64c47717c4483cc519e0f739bf0d4972f2277a (patch)
tree: 8ce211f47cf71c609ce9d9e2fc4919d8c7025fd3 /modules/openssh/templates
parent: 0773748d9802ba93ed2594f9807cd8064aeecfe5 (diff)
download: puppet-0b64c47717c4483cc519e0f739bf0d4972f2277a.tar
puppet-0b64c47717c4483cc519e0f739bf0d4972f2277a.tar.gz
puppet-0b64c47717c4483cc519e0f739bf0d4972f2277a.tar.bz2
puppet-0b64c47717c4483cc519e0f739bf0d4972f2277a.tar.xz
puppet-0b64c47717c4483cc519e0f739bf0d4972f2277a.zip
1 files changed, 5 insertions, 0 deletions
diff --git a/modules/openssh/templates/sshd_config b/modules/openssh/templates/sshd_config
index 76077504..d3f776e1 100644
--- a/modules/openssh/templates/sshd_config
+++ b/modules/openssh/templates/sshd_config
@@ -45,6 +45,11 @@ PermitRootLogin without-password
 #PubkeyAuthentication yes
 #AuthorizedKeysFile	.ssh/authorized_keys
 
+<% if all_tags.include?('openssh::ssh_keys_from_ldap')  %>
+AuthorizedKeysFile /var/lib/config/pubkeys/%u/authorized_keys
+<% end %>
+
+
 # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
 #RhostsRSAAuthentication no
 # similar for protocol version 2
author	Michael Scherer <misc@mageia.org>	2010-11-23 23:17:47 +0000
committer	Michael Scherer <misc@mageia.org>	2010-11-23 23:17:47 +0000
commit	0b64c47717c4483cc519e0f739bf0d4972f2277a (patch)
tree	8ce211f47cf71c609ce9d9e2fc4919d8c7025fd3 /modules/openssh/templates
parent	0773748d9802ba93ed2594f9807cd8064aeecfe5 (diff)
download	puppet-0b64c47717c4483cc519e0f739bf0d4972f2277a.tar puppet-0b64c47717c4483cc519e0f739bf0d4972f2277a.tar.gz puppet-0b64c47717c4483cc519e0f739bf0d4972f2277a.tar.bz2 puppet-0b64c47717c4483cc519e0f739bf0d4972f2277a.tar.xz puppet-0b64c47717c4483cc519e0f739bf0d4972f2277a.zip