-* create a new SSH key pair for each configuration file foo in
- {{{/etc/da-backup/}}} with {{{ssh-keygen -t rsa -f /root/.ssh/da_foo"}}}:
-
-{{{
- cd /etc/da-backup &&
- [ -r /root/.ssh ] &&
- for i in *; do
- echo $i &&
- if [ -e "/root/.ssh/da_$i" ]; then continue; fi &&
- sudo ssh-keygen -t rsa -f /root/.ssh/da_$i -N '' -C "da-backup for $i on `hostname -f`";
- done
-
- echo "#" &&
- echo "# `hostname -f`" &&
- echo "#" &&
- myip=`host $(hostname -f) | \
- grep has\ address | \
- sed -e 's/.*address //'` &&
- cd /etc/da-backup &&
- for i in *; do
- echo "command=\"rsync --server -vlHogDtprz --delete --delete-after --ignore-errors . /org/backup.debian.org/staging/`hostname -f`/$i\",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,from=\"::ffff:$myip,$myip\" `cat /root/.ssh/da_$i.pub`"
- done && echo
-}}}
-
-* install the public components of the key with the proper command in
- puppet {{{modules/ssh/templates/authorized_keys.erb}}} for bartok, start a new section for each host. Do a puppetrun on bartok.
+* install the public host key of the server with a proper command in
+ puppet {{{modules/ssh/templates/authorized_keys.erb}}} for bartok. Do a puppetrun on bartok.
+ (This might get done automatically eventually.)