puppet 管理秘钥登陆

企业实际使用的案例

1.创建模块目录
mkdir -p /etc/puppet/modules/ssh/{files,manifests}
2.创建秘钥(一路回车即可)
ssh-keygen
3.将公钥拷贝到资源目录
cat /root/.ssh/id_rsa.pub  >/etc/puppet/modules/ssh/files/authorized_keys
4.创建模块的入口文件
[root@master manifests]# cat /etc/puppet/modules/ssh/manifests/init.pp 
class ssh{
  package { 'openssh-server':
    ensure => present,
  }
  file { '/root/.ssh/authorized_keys':
    ensure => present,
    owner  => 'root',
    group  => 'root',
    mode   => '0600',
    source => "puppet://$puppetserver/modules/ssh/authorized_keys",
    require => Package['openssh-server'],
  }
}

4.创建主配置
[root@master manifests]# cat /etc/puppet/manifests/site.pp
node 'nginxnode2.puppetcao.com'{
  include ssh
}
client端口服务器启动puppet服务即可同步过去,这样可以方便管理多用户的秘钥
systemctl  start puppet

5.测试
[root@master manifests]# ssh root@192.168.1.116
Last login: Wed Sep 18 15:44:58 2019 from master.puppetcao.com
成功登陆

 检查配置命令:

puppet parser validate /etc/puppet/manifests/site.pp

  

posted @ 2019-11-21 17:38  caonw  阅读(208)  评论(0编辑  收藏  举报