Details
-
Type:
New Feature
-
Status: Accepted
-
Priority:
Major
-
Resolution: Unresolved
-
Affects Version/s: None
-
Fix Version/s: None
-
Component/s: sshkeys_core
-
Labels:None
-
Template:customfield_10700 320972
-
Team:Night's Watch
-
Sprint:PR - Triage, PR - Triage
-
QA Risk Assessment:Needs Assessment
Description
Module Version: N/A
Puppet Version: Puppet 4.8.2
OS Name/Version: Debian stretch
We have a security policy which says SSH `authorized_keys` files should not be writable by users, so that those keys are solely under the control of admins (and therefore Puppet).
Unfortunately, the way the `ssh_authorized_key` type operates now is that it hardcodes the mode (`0600`) of the file and also the owner (whatever the `user` selected). So an operator has two choices, either:
- make the file owned by the user, in which case authentication works but the keys are modifiable by the user, or;
- make the file owned by `root`, in which case the file is not writable by the user but authentication then fails because it's not readable either
Desired Behavior: It should be possible to have read-only SSH keys.
Actual Behavior: SSH keys are either read/write or unreadable.