Puppet Class: profile::ssh::client

Defined in:
modules/profile/manifests/ssh/client.pp

Summary

class to managed ssh client config

Overview

SPDX-License-Identifier: Apache-2.0

Parameters:

  • manage_ssh_keys (Boolean) (defaults to: lookup('profile::ssh::client::manage_ssh_keys'))

    indicate if we should manage the known_hosts file

  • manage_ssh_config (Boolean) (defaults to: lookup('profile::ssh::client::manage_ssh_config'))

    if true manage the /etc/ssh/ssh_config file, most other parameters are only valid if this is true

  • hash_known_hosts (Boolean) (defaults to: lookup('profile::ssh::client::hash_known_hosts'))

    HashKnownHosts value

  • gss_api_authentication (Boolean) (defaults to: lookup('profile::ssh::client::gss_api_authentication'))

    GSSAPIAuthentication value

  • gss_api_delegate_credentials (Boolean) (defaults to: lookup('profile::ssh::client::gss_api_delegate_credentials'))

    GSSAPIDelegateCredentials value

  • send_env (Array[String[1]]) (defaults to: lookup('profile::ssh::client::send_env'))

    list of environment variables to send

  • extra_ssh_keys (Hash[Stdlib::Host, Hash]) (defaults to: lookup('profile::ssh::client::extra_ssh_keys'))

    A list of addtional ssh keys to trust. The main use of this is to configure some addtional authorized keys files for puppet-merge while we migrate



13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
 
# File 'modules/profile/manifests/ssh/client.pp', line 13

class profile::ssh::client (
    Boolean          $manage_ssh_keys              = lookup('profile::ssh::client::manage_ssh_keys'),
    Boolean          $manage_ssh_config            = lookup('profile::ssh::client::manage_ssh_config'),
    Boolean          $hash_known_hosts             = lookup('profile::ssh::client::hash_known_hosts'),
    Boolean          $gss_api_authentication       = lookup('profile::ssh::client::gss_api_authentication'),
    Boolean          $gss_api_delegate_credentials = lookup('profile::ssh::client::gss_api_delegate_credentials'),
    Array[String[1]] $send_env                     = lookup('profile::ssh::client::send_env'),
    Hash[Stdlib::Host, Hash] $extra_ssh_keys       = lookup('profile::ssh::client::extra_ssh_keys'),
) {
    $known_hosts = ssh::known_hosts() + $extra_ssh_keys
    class { 'ssh::client':
        known_hosts => $known_hosts,
        *           => wmflib::resource::filter_params('extra_ssh_keys'),
    }
}