SshPrivateKey
The department is: SshPrivateKey
The full name of the cop is: Chef/Security/SshPrivateKey
| Enabled by default | Supports autocorrection | Target Chef Version |
|---|---|---|
| Enabled | No | All Versions |
Do not include plain text SSH private keys in your cookbook code. This sensitive data should be fetched from secrets management systems so that secrets are not uploaded in plain text to the Chef Infra Server or committed to source control systems.
Examples
incorrect
file '/Users/bob_bobberson/.ssh/id_rsa' do
content '-----BEGIN RSA PRIVATE KEY-----\n...\n-----END RSA PRIVATE KEY-----'
mode '600'
end
Configurable attributes
| Name | Default value | Configurable values |
|---|---|---|
| Version Added | 7.28 | String |
| Include |
| Array |
Was this page helpful?