Create ssh ed25519 hostkeys on jessie

author Peter Palfrader <peter@palfrader.org>

Sun, 7 Dec 2014 09:33:53 +0000 (10:33 +0100)

committer Peter Palfrader <peter@palfrader.org>

Sun, 7 Dec 2014 09:33:58 +0000 (10:33 +0100)
author Peter Palfrader <peter@palfrader.org>
Sun, 7 Dec 2014 09:33:53 +0000 (10:33 +0100)
committer Peter Palfrader <peter@palfrader.org>
Sun, 7 Dec 2014 09:33:58 +0000 (10:33 +0100)
diff --git a/modules/debian-org/lib/facter/paths.rb b/modules/debian-org/lib/facter/paths.rb

index 6e991f0..e48fb60 100644 (file)
--- a/modules/debian-org/lib/facter/paths.rb
+++ b/modules/debian-org/lib/facter/paths.rb
@@ -16,3 +16,12 @@ Facter.add("has_srv_buildd") do
                 end
         end
  end
+Facter.add("has_etc_ssh_ssh_host_ed25519_key") do
+       setcode do
+               if FileTest.exist?("/etc/ssh/ssh_host_ed25519_key")
+                       true
+               else
+                       ''
+               end
+       end
+end
diff --git a/modules/ssh/manifests/init.pp b/modules/ssh/manifests/init.pp

index 0824f0f..db61301 100644 (file)
--- a/modules/ssh/manifests/init.pp
+++ b/modules/ssh/manifests/init.pp
@@ -36,4 +36,13 @@ class ssh {
         file { '/etc/ssh/userkeys/root':
                 content => template('ssh/authorized_keys.erb'),
         }
+
+       if ($::lsbmajdistrelease >= 8) {
+               if ! $has_etc_ssh_ssh_host_ed25519_key {
+                       exec { 'create-ed25519-host-key':
+                               command => 'ssh-keygen -f /etc/ssh/ssh_host_ed25519_key -q -P "" -t ed25519',
+                               onlyif  => '! [ -e /etc/ssh/ssh_host_ed25519_key ]'
+                       }
+               }
+       }
  }
author	Peter Palfrader <peter@palfrader.org>
	Sun, 7 Dec 2014 09:33:53 +0000 (10:33 +0100)
committer	Peter Palfrader <peter@palfrader.org>
	Sun, 7 Dec 2014 09:33:58 +0000 (10:33 +0100)
modules/debian-org/lib/facter/paths.rb		patch \| blob \| history
modules/ssh/manifests/init.pp		patch \| blob \| history