Comment 2 for bug 1770071

There's a little more to this - charmhelpers.contrib.unison does the initial setup which drops (root-owned) authorized_keys and known_hosts onto each unit.

Those files are *supposed* to already contain the appropriate values, the root ownership may even be an intentional security measure to avoid the 'www-sync' user from connecting to anywhere it's not supposed to.

Retargetting to charm-helpers for clarity, but that probably needs a Github issue...

https://github.com/juju/charm-helpers/blob/master/charmhelpers/contrib/unison/__init__.py