salt.states.ssh_known_hosts

Control of SSH known_hosts entries

Manage the information stored in the known_hosts files.

github.com:
  ssh_known_hosts:
    - present
    - user: root
    - fingerprint: 16:27:ac:a5:76:28:2d:36:63:1b:56:4d:eb:df:a6:48

example.com:
  ssh_known_hosts:
    - absent
    - user: root
salt.states.ssh_known_hosts.absent(name, user=None, config=None)

Verifies that the specified host is not known by the given user

name
The host name
user
The user who owns the ssh authorized keys file to modify
config
The location of the authorized keys file relative to the user's home directory, defaults to ".ssh/known_hosts". If no user is specified, defaults to "/etc/ssh/ssh_known_hosts". If present, must be an absolute path when a user is not specified.
salt.states.ssh_known_hosts.present(name, user=None, fingerprint=None, key=None, port=None, enc=None, config=None, hash_hostname=True, hash_known_hosts=True, timeout=5)

Verifies that the specified host is known by the specified user

On many systems, specifically those running with openssh 4 or older, the enc option must be set, only openssh 5 and above can detect the key type.

name
The name of the remote host (e.g. "github.com")
user
The user who owns the ssh authorized keys file to modify
fingerprint
The fingerprint of the key which must be present in the known_hosts file (optional if key specified)
key
The public key which must be present in the known_hosts file (optional if fingerprint specified)
port
optional parameter, port which will be used to when requesting the public key from the remote host, defaults to port 22.
enc
Defines what type of key is being used, can be ed25519, ecdsa ssh-rsa or ssh-dss
config
The location of the authorized keys file relative to the user's home directory, defaults to ".ssh/known_hosts". If no user is specified, defaults to "/etc/ssh/ssh_known_hosts". If present, must be an absolute path when a user is not specified.
hash_hostname : True

Hash all hostnames and addresses in the known hosts file.

Carbon 版后已移除: Please use hash_known_hosts instead.

hash_known_hosts : True
Hash all hostnames and addresses in the known hosts file.
timeout : int

Set the timeout for connection attempts. If timeout seconds have elapsed since a connection was initiated to a host or since the last time anything was read from that host, then the connection is closed and the host in question considered unavailable. Default is 5 seconds.

2016.3.0 新版功能.