Resource Type: sshkey

Defined in:


Installs and manages ssh host keys.


By default, this type will install keys into `/etc/ssh/ssh_known_hosts`. To manage ssh keys in a different `known_hosts` file, such as a user's personal `known_hosts`, pass its path to the `target` parameter. See the `ssh_authorized_key` type to manage authorized keys.


  • ensure (defaults to: present)

    The basic property that the resource should be in.

    Supported values:
    • present
    • absent
  • host_aliases

    Any aliases the host might have. Multiple values must be specified as an array.

  • key

    The key itself; generally a long string of uuencoded characters. The `key` attribute may not contain whitespace.

    Make sure to omit the following in this attribute (and specify them in other attributes):

    • Key headers, such as 'ssh-rsa' — put these in the `type` attribute.

    • Key identifiers / comments, such as 'joescomputer.local' — put these in the `name` attribute/resource title.

  • target

    The file in which to store the ssh key. Only used by the `parsed` provider.


  • name (namevar)

    The host name that the key is associated with.

  • provider

    The specific backend to use for this `sshkey` resource. You will seldom need to specify this — Puppet will usually discover the appropriate provider for your platform.

  • type (namevar)

    The encryption type used. Probably ssh-dss or ssh-rsa.

    Supported values:
    • ssh-dss
    • ssh-ed25519
    • ssh-rsa
    • ecdsa-sha2-nistp256
    • ecdsa-sha2-nistp384
    • ecdsa-sha2-nistp521
    • dsa (alias for: ssh-dss)
    • ed25519 (alias for: ssh-ed25519)
    • rsa (alias for: ssh-rsa)
    • ecdsa-sk (alias for:
    • ed25519-sk (alias for: