On enleve les mauvaises clés

2019-02-19 18:51:05 +01:00
parent 19bb6799e7
commit c2fce1b9d5
1 changed files with 23 additions and 24 deletions
--- a/linux/SSHPubKeys.sls
+++ b/linux/SSHPubKeys.sls
@@ -1,29 +1,28 @@
 {% if grains['kernel'] == 'Linux' %}
-  Creation of directory /root/.ssh:
+Creation of directory /root/.ssh:
-    file.directory:
+  file.directory:
-      - name: /root/.ssh
+    - name: /root/.ssh
-      - mode: '0700'
+    - mode: '0700'
-      - user: root
+    - user: root
-      - group: root
+    - group: root
-      - makedirs: True
+    - makedirs: True
-  Creation of file /root/.ssh/authorized_keys:
+Creation of file /root/.ssh/authorized_keys:
-    file.managed:
+  file.managed:
-      - name: /root/.ssh/authorized_keys
+    - name: /root/.ssh/authorized_keys
-      - mode: '0600'
+    - mode: '0600'
-      - user: root
+    - user: root
-      - group: root
+    - group: root
-  /root/.ssh/authorized_keys:
+/root/.ssh/authorized_keys:
-    file.append:
+  file.append:
-      - makedirs: True
+    - makedirs: True
-      - text:
+    - text:
-    {% for KEY in pillar.get('GoodSSHKeys',{}) %}
+  {% for KEY in pillar.get('GoodSSHKeys',{}) %}
-        - {{KEY}}
+      - {{KEY}}
-    {% endfor %}
+  {% endfor %}
-##        - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDCVrwf2Eb27XmA7jb8sso2xSQoIqDJnHyW3Q6bBjtMYJwIcxxkadYuhanb1Yv3sRTq426cBp7CQIbSDVtfY+OvuSplSjf++OePHjgT7lwdAGaXnSfSOZcwx7I1hVhPao7E0FSLbIyq8N7ipuPQsLVp9I8RGQGnJMTuDyr66q4cvb+OZshRgvvnGkWn+MX2c1840n31Nbid9JPocPilu8Sdc493LtsYVGHnzGH6Td65+BtTOlNHCoAEdFAz0AisGOrDeymbvK80iAal02Mf479PGbdt3ghKWU/rXAWNtCvQ8TvWXQl3kf5v3/PeoBMVjtzOR72mD7jRnMtKD+6jhdGX iwan@fedg70.ivanclement.maison'
+
-##        - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDHJqqwPcVYKZLzcpJInNaSGRLiWQ+Xw3gqJQba89n1m8DnzBryYN/w2Z5WPfxvycOmtl9cCZHolxlD4A754jCvo6Y7alN81na5s7L4bgUArws7nT6omxMWaQdfIEtcYuicfzQGwRDtNfRDp/ZIBc30GLNwgWfVxc5j6rRKMzo8HfXoA4FtSu/PRRzZJpRGCC+D4tuc3QzZ/15LZ17OlSh6iQX1bLnzLpeCvCgo5oSaZu9lO+yJOr9op17Hfe8YxfB5RgQVbJkC9hebbHushoFmJDp52WtzK3wm1XHCAgTYOdV4Z5+nL59vlsdEWCl1eILEbUy+8lcWlEZUTb7b4qQn iwan@fedx230.ivanclement.maison'
+include:
-##        - {{ pillar['ssh_publickey_x230'] }}
+  - linux.RemoveBadSSHKeys
 #        - {{ pillar['ssh_publickey_g70'] }}
 {% endif %}