[root@server0 manifests]# su - signer [signer@server0 ~]$ ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/home/signer/.ssh/id_rsa): Created directory '/home/signer/.ssh'. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/signer/.ssh/id_rsa. Your public key has been saved in /home/signer/.ssh/id_rsa.pub. The key fingerprint is: 35:b7:84:6d:34:8c:76:9a:8d:7c:3e:4a:e8:c1:1e:fd signer@server0.example.com [signer@server0 ~]$ cat .ssh/id_rsa.pub ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAr9rnu0jbSPipuZI2umz/v73jeRTjxlX9D7cHSFIaJUUShFSelFUfojkjl4ri4m4qc40icArMa4NMGZ9d3y+ZqMqeIPZVtJKEqkn2E9GJS36N13H75DwVPv4KE2oLR9Zk4T8HovLr50tWbJr5/G6VfwwybR3q6HdJSO7liAKmrJwFokev1fsmiZQX+rADL8XB+gZ/9FsFIi4F4YKsLGQz78CSf/jZ71qNC5Y4HniVQDv6RmZp+koHT6hOPKTuUD/VOWXHxoLc9c6ypkeSMaINvNHDvmUsbp+rNppiZPKnsDFoh3fL4h5pFKJ1DAYjOdnhLKJgwLzmBq7qfYpd/PEw2Q== signer@server0.example.com [signer@server0 ~]$ exit [root@server0 manifests]# cat base.pp class base { remotefile { "/etc/sysconfig/puppet": mode => 644 } service { puppet: ensure => true, enable => true, hasrestart => true } ssh_authorized_key { "signer": ensure => present, type => "ssh-rsa", key => "AAAAB3NzaC1yc2EAAAABIwAAAQEAr9rnu0jbSPipuZI2umz/v73jeRTjxlX9D7cHSFIaJUUShFSelFUfojkjl4ri4m4qc40icArMa4NMGZ9d3y+ZqMqeIPZVtJKEqkn2E9GJS36N13H75DwVPv4KE2oLR9Zk4T8HovLr50tWbJr5/G6VfwwybR3q6HdJSO7liAKmrJwFokev1fsmiZQX+rADL8XB+gZ/9FsFIi4F4YKsLGQz78CSf/jZ71qNC5Y4HniVQDv6RmZp+koHT6hOPKTuUD/VOWXHxoLc9c6ypkeSMaINvNHDvmUsbp+rNppiZPKnsDFoh3fL4h5pFKJ1DAYjOdnhLKJgwLzmBq7qfYpd/PEw2Q==", name => "signer@example.com", target => "/root/.ssh/authorized_keys" } } [root@server0 manifests]#Now we have to create /etc/sysconfig/puppet that we referenced in our call to remotefile.
[root@server0 puppet]# pushd /var/lib/puppet/files /var/lib/puppet/files /etc/puppet [root@server0 puppet]# mkdir -p files/base/etc/sysconfig [root@server0 puppet]# mkdir facts [root@server0 puppet]# cd files/base/etc/sysconfig [root@server0 sysconfig]# catNext, we'll configure the puppet fileserver to serve out files that are stored in /var/lib/puppet/files/basepuppet > PUPPET_SERVER=server0.example.com > PUPPET_EXTRA_OPTS=--factsync > EOF [root@server0 files]# popd /etc/puppet