Chef/Security/SshPrivateKey

The Cookstyle cops department: Chef/Security

Enabled by default	Supports autocorrection	Target Chef Version
Enabled	No	All Versions

Do not include plain text SSH private keys in your cookbook code. This sensitive data should be fetched from secrets management systems so that secrets are not uploaded in plain text to the Chef Infra Server or committed to source control systems.

Examples

incorrect

file '/Users/bob_bobberson/.ssh/id_rsa' do
  content '-----BEGIN RSA PRIVATE KEY-----\n...\n-----END RSA PRIVATE KEY-----'
  mode '600'
end

Configurable attributes

Name	Default value	Configurable values
Version Added	7.28	String
Include	`*/libraries/.rb` `*/resources/.rb` `*/providers/.rb` `*/recipes/.rb` `*/attributes/.rb` `*/definitions/.rb`	Array

Chef/Security/SshPrivateKey

Examples

incorrect

Configurable attributes

Chef Product

Search Results