Forge Home


Puppet ssh module (with strict key/password policy)


10,318 latest version

3.8 quality score

Version information

  • 0.0.3 (latest)
  • 0.0.1
released May 25th 2012

Start using this module

  • r10k or Code Manager
  • Bolt
  • Manual installation
  • Direct download

Add this module to your Puppetfile:

mod 'kupson-ssh', '0.0.3'
Learn more about managing modules with a Puppetfile

Add this module to your Bolt project:

bolt module add kupson-ssh
Learn more about using this module with an existing project

Manually install this module globally with Puppet module tool:

puppet module install kupson-ssh --version 0.0.3

Direct download is not typically how you would use a Puppet module to manage your infrastructure, but you may want to download the module in order to inspect the code.



kupson/ssh — version 0.0.3 May 25th 2012

Ssh module for Puppet


This module installs and configures ssh client/server.

Some features:

  • export/import ssh host keys based on $environment Puppet variable
  • only root can manage ssh_authorized_keys for users (/etc/ssh/authorized_keys/<username>)
  • purges unknown sshkey resources

Sshd configuration:

  • only protocol 2
  • only IPv4
  • internal sftp subsystem
  • disable password authorization
  • only PubKey auth (root account too)



Install ssh client and server.

include ssh


Install ssh client and export host key for current $environment. Add 'localhost' key to known hosts.

include ssh::client


Class ssh::client modified to import ssh host keys from all environments. Suitable for puppet master host or other all-environment nodes.

include ssh::client::allenv


This module install ssh server and configure it as mentioned in module description. Host key is exported with for-env-${environment} tag.

include ssh::server

ssh::params notes

Provide system dependent variables for other classes in this module.

  • Debian (tested on squeeze)
  • Ubuntu (untested, should work)


ssh_authorized_key (parsed_systemdir)

New provider for ssh_authorized_key type that put authorized_keys files with proper permissions in /etc/ssh/authorized_keys directory.

File mode and ownership example:
-rw-r----- 1 root demo  595 May 24 20:34 /etc/ssh/authorized_keys/demo