From 4bc00d4d62b37a957cb415a6d1343f4e49c68dd5 Mon Sep 17 00:00:00 2001 From: Heinz Wiesinger Date: Tue, 13 Dec 2016 14:58:28 +0100 Subject: [PATCH 1/3] Replace "hash_hostname" with "hash_known_hosts". The former is deprecated since Carbon. --- users/init.sls | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/users/init.sls b/users/init.sls index 3f50158..4fd8c90 100644 --- a/users/init.sls +++ b/users/init.sls @@ -375,8 +375,8 @@ users_ssh_known_hosts_{{ name }}_{{ loop.index0 }}: {% if 'enc' in host %} - enc: {{ host['enc'] }} {% endif -%} - {% if 'hash_hostname' in host %} - - hash_hostname: {{ host['hash_hostname'] }} + {% if 'hash_known_hosts' in host %} + - hash_known_hosts: {{ host['hash_known_hosts'] }} {% endif -%} {% endfor %} {% endif %} From 3b911cc9cb015e984ef012e2eb02467c17333a31 Mon Sep 17 00:00:00 2001 From: Sean Molenaar Date: Fri, 17 Nov 2017 14:30:00 +0100 Subject: [PATCH 2/3] Add default setting for ssh known hosts fingerprint hash type --- users/init.sls | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/users/init.sls b/users/init.sls index 4fd8c90..e5cc820 100644 --- a/users/init.sls +++ b/users/init.sls @@ -378,6 +378,12 @@ users_ssh_known_hosts_{{ name }}_{{ loop.index0 }}: {% if 'hash_known_hosts' in host %} - hash_known_hosts: {{ host['hash_known_hosts'] }} {% endif -%} + {% if 'timeout' in host %} + - timeout: {{ host['timeout'] }} + {% endif -%} + {% if 'fingerprint_hash_type' in host %} + - fingerprint_hash_type: {{ host['fingerprint_hash_type'] }} + {% endif -%} {% endfor %} {% endif %} From 49a337184d33ae497b29937820cf0aeb0483d2b8 Mon Sep 17 00:00:00 2001 From: Heinz Wiesinger Date: Thu, 6 Sep 2018 11:31:34 +0200 Subject: [PATCH 3/3] Add pillar examples for ssh_known_hosts config. --- pillar.example | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/pillar.example b/pillar.example index 9b0471e..e94a47e 100644 --- a/pillar.example +++ b/pillar.example @@ -93,7 +93,13 @@ users: # Manage the ~/.ssh/config file ssh_known_hosts: importanthost: + port: 22 fingerprint: 16:27:ac:a5:76:28:2d:36:63:1b:56:4d:eb:df:a6:48 + key: PUBLICKEY + enc: ssh-rsa + hash_known_hosts: True + timeout: 5 + fingerprint_hash_type: sha256 ssh_known_hosts.absent: - notimportanthost ssh_config: