Current implementation of ssh_auth_sources relies on explicit use of ssh_auth_sources.absent to remove obsolete SSH public keys from .ssh/authorized_keys file.
SaltStack v3000 introduced a new state ssh_auth.manage to explicitly enumerate keys that should be in .ssh/authorized_keys file
Describe the solution you'd like
There are two possible options:
switch ssh_auth_sources to use ssh_auth.manage state; or
introduce a new state ssh_auth_sources.manage as less disturbing solution
Describe alternatives you've considered
This is not critical, one can use Salt's ssh_auth.manage directly
Is your feature request related to a problem?
Current implementation of
ssh_auth_sourcesrelies on explicit use ofssh_auth_sources.absentto remove obsolete SSH public keys from .ssh/authorized_keys file. SaltStack v3000 introduced a new statessh_auth.manageto explicitly enumerate keys that should be in .ssh/authorized_keys fileDescribe the solution you'd like
There are two possible options:
ssh_auth_sourcesto usessh_auth.managestate; orssh_auth_sources.manageas less disturbing solutionDescribe alternatives you've considered
This is not critical, one can use Salt's
ssh_auth.managedirectlyAdditional context