Make ssh puppetkeys mode 0444 (instead of 0644)

diff --git a/modules/ssh/manifests/authorized_key_collect.pp b/modules/ssh/manifests/authorized_key_collect.pp
index 7c121e4..28ba797 100644 (file)
--- a/modules/ssh/manifests/authorized_key_collect.pp
+++ b/modules/ssh/manifests/authorized_key_collect.pp
@@ -7,6 +7,7 @@ define ssh::authorized_key_collect(
   concat { "/etc/ssh/puppetkeys/${target_user}":
     warn           => '# This file is maintained with puppet',
     ensure_newline => true,
+    mode           => '0444',
   }
   Concat::Fragment <<| tag == "ssh::authorized_key::fragment::${collect_tag}::${target_user}" |>>