diff --git a/ssh/manifests/init.pp b/ssh/manifests/init.pp index 71e2f92..651d651 100644 --- a/ssh/manifests/init.pp +++ b/ssh/manifests/init.pp @@ -23,6 +23,76 @@ class ssh::known_hosts { } +# Install SSH host keys. +# +class ssh::hostkeys { + + file { "/etc/ssh/ssh_host_dsa_key": + ensure => present, + source => "puppet:///private/ssh_host_dsa_key", + mode => 0600, + owner => root, + group => $operatingsystem ? { + openbsd => wheel, + default => root, + }, + } + file { "/etc/ssh/ssh_host_dsa_key.pub": + ensure => present, + source => "puppet:///private/ssh_host_dsa_key.pub", + mode => 0644, + owner => root, + group => $operatingsystem ? { + openbsd => wheel, + default => root, + }, + } + + file { "/etc/ssh/ssh_host_rsa_key": + ensure => present, + source => "puppet:///private/ssh_host_rsa_key", + mode => 0600, + owner => root, + group => $operatingsystem ? { + openbsd => wheel, + default => root, + }, + } + file { "/etc/ssh/ssh_host_rsa_key.pub": + ensure => present, + source => "puppet:///private/ssh_host_rsa_key.pub", + mode => 0644, + owner => root, + group => $operatingsystem ? { + openbsd => wheel, + default => root, + }, + } + + file { "/etc/ssh/ssh_host_key": + ensure => present, + source => "puppet:///private/ssh_host_key", + mode => 0600, + owner => root, + group => $operatingsystem ? { + openbsd => wheel, + default => root, + }, + } + file { "/etc/ssh/ssh_host_key.pub": + ensure => present, + source => "puppet:///private/ssh_host_key.pub", + mode => 0644, + owner => root, + group => $operatingsystem ? { + openbsd => wheel, + default => root, + }, + } + +} + + # Disable SSH server. # class ssh::disable {