class ssh { augeas{ "ssh": context => "/files/etc/ssh/sshd_config", changes => [ "set PasswordAuthentication no" ], notify => Service["sshd"] } service{ sshd: ensure => true, enable => true, hasrestart => true } case $sshrsakey { "": { # ignore empty keys } default: { @@sshkey {"$hostname": type => rsa, key => $sshrsakey, alias => $fqdn } # add keys based on ipaddress, we look for eth0 and eth1 case $ipaddress_eth0 { "": { # if no such thing use $ipaddress @@sshkey {"$ipaddress": type => rsa, key => $sshrsakey } } default: { @@sshkey {"$ipaddress_eth0": type => rsa, key => $sshrsakey } } } case $ipaddress_eth1 { "": { # if no such thing do nothing } default: { @@sshkey {"ipaddress_eth1": type => rsa, key => $sshrsakey } } } # check for bridged interface case $ipaddress_br0 { "": { # if no such thing do nothing } default: { @@sshkey {"ipaddress_br0": type => rsa, key => $sshrsakey } } } } } Sshkey | |>> }