ExternalMirrors
/
openssh-formula
огледало от https://github.com/saltstack-formulas/openssh-formula
Наблюдаван 1
Харесван 0
Разклонения 1
Код Задачи 0 Версии 27 Уики Activity
Saltstack Official OpenSSH Formula
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
77 Ревизии
3 Клонове
ИН на ревизия: 33ee945557
Клонове Маркери
${ item.name }
Create branch ${ searchTerm }
от '33ee945557'
${ noResults }
openssh-formula/pillar.example

pillar.example 2.3KB
Директен файл Normal View История

Reverted the namespace change to avoid conflicts and backward incompatibilities
преди 11 години
add ed25519 host key type; add AuthenticationMethods option
преди 10 години
Explicitly defined options as strings. This fixes an issue where PyYAML was converting yes and no into True and False in the generated sshd_config file.
преди 10 години
Reverted the namespace change to avoid conflicts and backward incompatibilities
преди 11 години
Explicitly defined options as strings. This fixes an issue where PyYAML was converting yes and no into True and False in the generated sshd_config file.
преди 10 години
add ed25519 host key type; add AuthenticationMethods option
преди 10 години
Explicitly defined options as strings. This fixes an issue where PyYAML was converting yes and no into True and False in the generated sshd_config file.
преди 10 години
Reverted the namespace change to avoid conflicts and backward incompatibilities
преди 11 години
Explicitly defined options as strings. This fixes an issue where PyYAML was converting yes and no into True and False in the generated sshd_config file.
преди 10 години
Reverted the namespace change to avoid conflicts and backward incompatibilities
преди 11 години
Explicitly defined options as strings. This fixes an issue where PyYAML was converting yes and no into True and False in the generated sshd_config file.
преди 10 години
Add a UseDNS option to pillar.example
преди 10 години
Added AllowUsers,AllowGroups,DenyUsers,DenyGroups This will add more options to set to secure openssh - AllowUsers - AllowGroups - DenyUsers - DenyGroups
преди 10 години
add pillar example
преди 10 години
Added support to manage ssh certificates
преди 11 години
Reverted the namespace change to avoid conflicts and backward incompatibilities
преди 11 години
Added support to manage ssh certificates
преди 11 години
Cleanups for host key pillar example
преди 10 години
Modifying OpenSSH formula state to populate public/private DSA and RSA keys based on pillar data
преди 11 години
Cleanups for host key pillar example
преди 10 години
Update pillar.example
преди 10 години
Cleanups for host key pillar example
преди 10 години
Update pillar example
преди 10 години
Cleanups for host key pillar example
преди 10 години
Modifying OpenSSH formula state to populate public/private DSA and RSA keys based on pillar data
преди 11 години
Add support for ED25519 host keys
преди 10 години
 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697 
  1. sshd_config:

  2.   Port: 22

  3.   Protocol: 2

  4.   HostKey:

  5.     - /etc/ssh/ssh_host_rsa_key

  6.     - /etc/ssh/ssh_host_dsa_key

  7.     - /etc/ssh/ssh_host_ecdsa_key

  8.     - /etc/ssh/ssh_host_ed25519_key

  9.   UsePrivilegeSeparation: 'yes'

  10.   KeyRegenerationInterval: 3600

  11.   ServerKeyBits: 768

  12.   SyslogFacility: AUTH

  13.   LogLevel: INFO

  14.   LoginGraceTime: 120

  15.   PermitRootLogin: 'yes'

  16.   PasswordAuthentication: 'no'

  17.   StrictModes: 'yes'

  18.   RSAAuthentication: 'yes'

  19.   PubkeyAuthentication: 'yes'

  20.   IgnoreRhosts: 'yes'

  21.   RhostsRSAAuthentication: 'no'

  22.   HostbasedAuthentication: 'no'

  23.   PermitEmptyPasswords: 'no'

  24.   ChallengeResponseAuthentication: 'no'

  25.   AuthenticationMethods 'publickey,keyboard-interactive'

  26.   X11Forwarding: 'yes'

  27.   X11DisplayOffset: 10

  28.   PrintMotd: 'no'

  29.   PrintLastLog: 'yes'

  30.   TCPKeepAlive: 'yes'

  31.   AcceptEnv: "LANG LC_*"

  32.   Subsystem: "sftp /usr/lib/openssh/sftp-server"

  33.   UsePAM: 'yes'

  34.   UseDNS: 'yes'

  35.   AllowUsers: 'vader@10.0.0.1 maul@evil.com sidious luke'

  36.   AllowGroups: 'wheel staff'

  37.   matches:

  38.     sftp_chroot:

  39.       type:

  40.         Group: sftpusers

  41.       options:

  42.         ChrootDirectory: /sftp-chroot/%u

  43.         X11Forwarding: no

  44.         AllowTcpForwarding: no

  45.         ForceCommand: internal-sftp

  46. 

  47. openssh:

  48.   auth:

  49.     joe:

  50.       - name: JOE_VALID_SSH_PUBLIC_KEY

  51.         present: True

  52.         enc: ssh-rsa

  53.         comment: main key

  54.       - name: JOE_NON_VALID_SSH_PUBLIC_KEY

  55.         present: False

  56.         enc: ssh-rsa

  57.         comment: obsolete key - removed

  58. 

  59.   generate_dsa_keys: False

  60.   provide_dsa_keys: False

  61.   dsa:

  62.     private_key: |

  63.       -----BEGIN DSA PRIVATE KEY-----

  64.       NOT_DEFINED

  65.       -----END DSA PRIVATE KEY-----

  66.     public_key: |

  67.       ssh-dss NOT_DEFINED

  68. 

  69.   generate_ecdsa_keys: False

  70.   provide_ecdsa_keys: False

  71.   ecdsa:

  72.     private_key: |

  73.       -----BEGIN EC PRIVATE KEY-----

  74.       NOT_DEFINED

  75.       -----END EC PRIVATE KEY-----

  76.     public_key: |

  77.       ecdsa-sha2-nistp256 NOT_DEFINED

  78. 

  79.   generate_rsa_keys: False

  80.   provide_rsa_keys: False

  81.   rsa:

  82.     private_key: |

  83.       -----BEGIN RSA PRIVATE KEY-----

  84.       NOT_DEFINED

  85.       -----END RSA PRIVATE KEY-----

  86.     public_key: |

  87.       ssh-rsa NOT_DEFINED

  88. 

  89.   generate_ed25519_keys: False

  90.   provide_ed25519_keys: False

  91.   ed25519:

  92.     private_key: |

  93.       -----BEGIN OPENSSH PRIVATE KEY-----

  94.       NOT_DEFINED

  95.       -----END OPENSSH PRIVATE KEY-----

  96.     public_key: |

  97.       ssh-ed25519 NOT_DEFINED