ring-change-sshkeys

[job]

Some kind of wrapper that can manage the sshkeys for users would be nice. I imagine the following:

user types ring-change-sshkeys on a ring-node, and it will open up the preferred editor and it should like like typing 'crontab -e'.

The first few lines of the authorized_keys file that is displayed should be some comments which contain warnings and what the file means.

The user can then edit the file to it's liking and when quiting the editor the resulting data should be validated:

• empty file is error
• invalid keys error
• etc

If an error is found the user should be presented with a choice: discard all changes or open the editor again.

If the file is valid, it can be emailed to ring-admins@ in puppetized format and incorporated in the repos. In the future we can automate this if we have reason to trust the system.

[job]

A good starting point would be if the current ~/.ssh/authorized_keys file is copied to an temporary file and the temp file is opened in the editor.

[madeddie]

is this still an issue? :) should we close it?

[teunvink]

this has been implemented, any improvement on the way we're handling this can be written in issues in the ring-ansible repository. There is already one on improving the speed of deploying keys.