holo-ssh-keys - Holo plugin to provision
This plugin provisions SSH keys into the
$HOME/.ssh/authorized_keys of a user. Key files are found at
$user is the name of the user whose
authorized_keys will be edited. Each key file is an entity within Holo, with the entity name
ssh-keyset:$user/$ident. For example:
$ holo scan ssh-keyset:john-doe/login ssh-keyset:john-doe/login found in /usr/share/holo/ssh-keys/john-doe/login.pub key is 2048 SHA256:vogJG+8rxIB80hEp8OCJLUQgtfOajXHudPp6YvDvY8W firstname.lastname@example.org (RSA)
The last information line contains the output of
ssh-keygen -l. If the file contains multiple public keys, there will appear one such line per key.
The format of SSH public key files is documented in sshd(8) in the section authorized_keys file format.
When a key file is applied, all keys in it will be added to
.ssh/authorized_keys (unless already present). To track which keys were provisioned by Holo, the comment field of the key is replaced by
Applying a key file entity will also remove all keys from
.ssh/authorized_keys which are tagged with this entity name, but are not present in the resource file for this entity. Keys can thus be replaced in or removed from the key file, and all changes will be propagated into
.ssh/authorized_keys automatically (without requiring
holo(8) provides the user interface for using this plugin.
Further documentation is available at the project homepage: https://holocm.org
Please report any issues and feature requests at GitHub: https://github.com/holocm/holo/issues