Schema for :ref:`server-plugins-generators-cfg-sshkeys` ``privkey.xml``
A **PrivateKeyGroupType** is a tag used to provide logic.
Child entries of a PrivateKeyGroupType tag only apply to
machines that match the condition specified -- either
membership in a group, or a matching client name.
:xml:attribute:`PrivateKeyGroupType:negate` can be set to
negate the sense of the match.
The name of the client or group to match on. Child entries
will only apply to this client or group (unless
:xml:attribute:`PrivateKeyGroupType:negate` is set).
Negate the sense of the match, so that child entries only
apply to a client if it is not a member of the given group
or does not have the given name.
Available private key formats
Specify the private key passphrase.
The name of the passphrase to use to encrypt this
private key on the filesystem (in Bcfg2).
Specify parameters for creating the private key
Number of bits in the key. See :manpage:`ssh-keygen(1)` for
defaults.
Key type to create.
Top-level tag for describing a generated SSH key pair.
Create keys on a per-host basis (rather than on a per-group
basis).
Create keys specific to the given category, instead of
specific to the category given in ``bcfg2.conf``.
Create group-specific keys with the given priority.
Override the global strict/lax decryption setting in
``bcfg2.conf``.