salt.states.ssh_known_hosts
Control of SSH known_hosts entries
Manage the information stored in the known_hosts files.
github.com:
  ssh_known_hosts:
    - present
    - user: root
    - fingerprint: 16:27:ac:a5:76:28:2d:36:63:1b:56:4d:eb:df:a6:48
    - fingerprint_hash_type: md5

example.com:
  ssh_known_hosts:
    - absent
    - user: root
-
Verifies that the specified host is not known by the given user
- name
-
The host name. Note that only single host names are supported. If foo.example.com and bar.example.com are the same machine and you need to exclude both, you will need one Salt state for each.
- user
-
The user who owns the known_hosts file to modify
- config
-
The location of the known_hosts file relative to the user's home directory; defaults to ".ssh/known_hosts". If no user is specified, defaults to "/etc/ssh/ssh_known_hosts". If present, must be an absolute path when a user is not specified.
salt.states.ssh_known_hosts.absent(name, user=None, config=None)
-
Verifies that the specified host is known by the specified user
On many systems, specifically those running OpenSSH 4 or older, the enc option must be set; only OpenSSH 5 and above can detect the key type.
- name
-
The name of the remote host (e.g. "github.com"). Note that only a single hostname is supported; if foo.example.com and bar.example.com have the same host you will need two separate Salt states to represent them.
- user
-
The user who owns the known_hosts file to modify
- fingerprint
-
The fingerprint of the key which must be present in the known_hosts file (optional if key specified)
- key
-
The public key which must be present in the known_hosts file (optional if fingerprint specified)
- port
-
Optional parameter: the port to use when requesting the public key from the remote host. Defaults to port 22.
- enc
-
Defines what type of key is being used; can be ed25519, ecdsa, ssh-rsa or ssh-dss
- config
-
The location of the known_hosts file relative to the user's home directory; defaults to ".ssh/known_hosts". If no user is specified, defaults to "/etc/ssh/ssh_known_hosts". If present, must be an absolute path when a user is not specified.
- hash_known_hosts : True
-
Hash all hostnames and addresses in the known hosts file.
- timeout : int
-
Set the timeout for connection attempts. If timeout seconds have elapsed since a connection was initiated to a host or since the last time anything was read from that host, then the connection is closed and the host in question is considered unavailable. Default is 5 seconds.
New in version 2016.3.0.
- fingerprint_hash_type
-
The public key fingerprint hash type that the public key fingerprint was originally hashed with. This defaults to sha256 if not specified.
New in version 2016.11.4.
Changed in version 2017.7.0: default changed from md5 to sha256
salt.states.ssh_known_hosts.present(name, user=None, fingerprint=None, key=None, port=None, enc=None, config=None, hash_known_hosts=True, timeout=5, fingerprint_hash_type=None)
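Added example, not part of the Salt documentation or Salt's own code: a Python check that a known_hosts entry matches a pinned fingerprint. It shows why a 16-byte md5 fingerprint like the one in the state at the top of this page only matches when fingerprint_hash_type is md5, now that the default is sha256. It assumes the fingerprint is the colon-separated hex digest of the base64-decoded key blob; the function names and the sample entry are constructed for illustration.

```python
import base64
import hashlib
import hmac
import struct

HASH_TYPES = ("md5", "sha256")  # the two fingerprint_hash_type values on this page


def colon_hex_fingerprint(key_b64, hash_type="sha256"):
    """Assumed format: hash of the decoded key blob as colon-separated hex."""
    if hash_type not in HASH_TYPES:
        raise ValueError("unsupported fingerprint hash type: %r" % (hash_type,))
    try:
        blob = base64.b64decode(key_b64, validate=True)
    except ValueError as exc:  # binascii.Error is a ValueError subclass
        raise ValueError("key field is not valid base64") from exc
    digest = hashlib.new(hash_type, blob).hexdigest()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


def parse_known_hosts_line(line):
    """Return host/enc/key, or None for blanks, comments and @marker lines."""
    fields = line.split()
    if not fields or fields[0][0] in "#@":
        return None
    if len(fields) < 3:
        raise ValueError("malformed known_hosts line")
    return {"host": fields[0], "enc": fields[1], "key": fields[2]}


def matches_pin(line, pinned, hash_type="sha256"):
    """True only if the entry's key hashes to the pinned fingerprint."""
    entry = parse_known_hosts_line(line)
    if entry is None:
        return False
    actual = colon_hex_fingerprint(entry["key"], hash_type)
    return hmac.compare_digest(actual, pinned.strip().lower())


def constructed_line(host="host.example"):
    """Constructed sample entry: ed25519 wire format around dummy key bytes."""
    blob = struct.pack(">I11sI", 11, b"ssh-ed25519", 32) + bytes(range(32))
    return "%s ssh-ed25519 %s" % (host, base64.b64encode(blob).decode("ascii"))


if __name__ == "__main__":
    line = constructed_line()
    pin = colon_hex_fingerprint(parse_known_hosts_line(line)["key"], "md5")
    print(matches_pin(line, pin, "md5"), matches_pin(line, pin))  # True False
```

The pin itself should come from a channel other than the connection being verified, such as the provider's published fingerprint.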
© 2021 SaltStack.
Licensed under the Apache License, Version 2.0.
https://docs.saltproject.io/en/latest/ref/states/all/salt.states.ssh_known_hosts.html