2 # Do not depend on the xinetd package yet: pulling it in might uninstall other inetds.
3 # For now, xinetd has to be installed manually.
# Generate an SSH key pair for the portforwarder account, once.
# Both conditions read top-scope variables (presumably custom facts -- confirm):
# the account must exist and no key may have been reported for it yet.
5 if $::portforwarder_user_exists {
6 if ! $::portforwarder_key {
# Runs as the portforwarder user via `su -`, so the relative paths resolve
# in that account's home directory.
7 exec { 'create-portforwarder-key':
# mkdir creates .ssh with mode 02700 (owner-only, setgid bit set).
# ssh-keygen: -C sets the key comment to user@host (date), -P "" sets an
# EMPTY passphrase, -f names the key file, -q suppresses output.
# Security: the private key is stored unencrypted, so anything that can read
# the file (root, backups, disk images) can use it. What the key is allowed
# to do has to be limited on the accepting side (authorized_keys options).
# No -t/-b is passed, so key type and size are whatever the installed
# ssh-keygen defaults to; the file name id_rsa does not select RSA by itself.
8 command => '/bin/su - portforwarder -c \'mkdir -p -m 02700 .ssh && ssh-keygen -C "`whoami`@`hostname` (`date +%Y-%m-%d`)" -P "" -f .ssh/id_rsa -q\'',
# Guard: run only if the account is in the passwd database and the key file
# is absent. The home directory is hard-coded here, while the command relies
# on `su -` to pick it; if the account's home is not /home/portforwarder the
# guard and the command look in different places.
# NOTE(review): this uses shell syntax (redirection, &&, [ ]); confirm the
# exec provider in use passes it through a shell.
9 onlyif => '/usr/bin/getent passwd portforwarder > /dev/null && ! [ -e /home/portforwarder/.ssh/id_rsa ]'
# Authorized keys for the portforwarder account, rendered from a template.
# The file is under /etc/ssh/userkeys rather than in the account's home;
# presumably sshd's AuthorizedKeysFile points there so the account cannot edit
# its own key list -- confirm in sshd_config.
# NOTE(review): owner/group/mode are not visible in this excerpt; the file
# should not be writable by portforwarder.
13 file { '/etc/ssh/userkeys/portforwarder':
# NOTE(review): the template is not shown. Because the client keys have no
# passphrase, check that each entry is limited with options such as
# `restrict`, `permitopen="host:port"` or a forced `command=`.
14 content => template('portforwarder/authorized_keys.erb'),
# Manages the xinetd drop-in directory; its attributes are not visible in this
# excerpt.
16 file { '/etc/xinetd.d':
# xinetd service definition for the port forwarder, rendered from a template.
# The name is spelled 'portforwader' (no second 'r'); the same spelling is used
# for the path listed further down, so a rename would also have to remove the
# file under the old name.
22 file { '/etc/xinetd.d/dsa-portforwader':
23 content => template('portforwarder/xinetd.erb'),
# A change to this file sends a refresh to the reload exec.
24 notify => Exec['service xinetd reload']
# Reload exec notified by the xinetd service file resource.
# NOTE(review): its attributes are not visible here; confirm it sets
# `refreshonly => true`, otherwise it would run on every catalog application.
27 exec { 'service xinetd reload':
# The two paths below are the files managed above. The resource they are listed
# in is not visible in this excerpt, so their purpose here cannot be stated.
32 '/etc/ssh/userkeys/portforwarder',
33 '/etc/xinetd.d/dsa-portforwader',