Configure user SSH keys

To use the Secure Shell (SSH) protocol for communication between computers, you must configure SSH keys. You can also configure SSH keys for individual users.

The following example shows how to configure keys for two users on Red Hat Enterprise Linux 8. This example uses options of the cem_linux::utils::packages::linux::ssh class that are not currently documented in the reference, but are fully supported for use. To use undocumented options, or options that are supported but do not fit directly under a control, such as options documented under the cem_options key, you can place the options under any control associated with your specified backing resource. Controls and their backing resources can be found in the CEM Linux Reference.

In the example, SSH root login is permitted, and keys are configured for testuser1 and testuser2:

cem_linux::benchmark: 'cis'
cem_linux::config:
  profile: 'server'
  level: '1'
  control_configs:
    ensure_ssh_root_login_is_disabled:
      permit_root_login: 'yes'
      user_ssh_keys:
        testuser1:
          home_dir: /home/testuser1
          ssh_key: ssh-rsa A...ZcTFw== rsa-key-20201022
        testuser2:
          home_dir: /home/testuser2
          ssh_key: ssh-rsa A...ZcTFw== rsa-key-20201022