We pass the pillars via the template engine context, this avoid the
need to load `map.jinja` from the templates themselves and recude the
number of `pillar.get` calls.

* openssh/config.sls (sshd_config): pass `sshd_config` in the
  context.
  (ssh_config): pass `ssh_config` in the context.

* openssh/files/default/ssh_config: remove `map.jinja` import since
  it's now in the context.

* openssh/files/default/sshd_config: ditoo.

* openssh/known_hosts.sls: pass `known_hosts` in the context.

* openssh/files/default/ssh_known_hosts: use `known_hosts` from the
  context instead of calling `pillar.get` several times.

BREAKING CHANGE: Minimum Salt version support is now `2019.2` in line
with official upstream support; also use of the `traverse` Jinja filter.

* drop default values (fixes #102)
* hmac-ripemd160 was dropped in 7.6

This prevents a verbatim version being added to end of file that will
cause the parsing to fail.

This is was introduced in 5.9, and is default in 6.1.
https://www.openssh.com/txt/release-5.9
https://www.openssh.com/txt/release-6.1

OpenSSH's Match declarations are applied first-match-wins. However, we
can't safely define two Matches that might overlap unless we first sort
the keys, as Python (and Jinja) dicts don't guarantee the order of
dict keys,

We also won't scramble the match sequence every time the user adds,
removes or renames a match, and so we give the user clearer, more
concise diffs as when they apply changes.

Finally, we leave a comment on the Match line identifying where the
Match rule came from, to assist in troubleshooting.

Support complex compound matches in Match criteria. For example, be able
to match against multiple Users for a given Match, or be able to match
against address ranges. Or Groups. Or any combination thereof.

Support for matching users can take one of several different appearances
in pillar data:

sshd_config:
  matches:
    match_1:
      type:
        User: one_user
      options:
        ChrootDirectory: /ex/%u
    match_2:
      type:
        User:
          - jim
          - bob
          - sally
      options:
        ChrootDirectory: /ex/%u
    match_3:
      type:
        User:
          jim: ~
          bob: ~
          sally: ~
      options:
        ChrootDirectory: /ex/%u

Note the syntax of match_3. By using empty dicts for each user, we can
leverage Salt's pillar mergine. If we use simple lists, we cannot do
this; Salt can't merge simple lists, because it doesn't know what order
they ought to be in.

OpenSSH's Match declarations are applied first-match-wins. However, we
can't safely define two Matches that might overlap unless we first sort
the keys, as Python (and Jinja) dicts don't guarantee the order of
dict keys,

We also won't scramble the match sequence every time the user adds,
removes or renames a match, and so we give the user clearer, more
concise diffs as when they apply changes.

Finally, we leave a comment on the Match line identifying where the
Match rule came from, to assist in troubleshooting.

The fix introduced in 678cc9066c
suppresses the PrintLastLog directive for FreeBSD 10.3.
SSH on FreeBSD 11.0 also does not support PrintLastLog, so this
change suppresses it for any version >= 10.3.

Added a macro to handle multivalue options entered in either string
format or list format (with auto joiner).

Upstream opensshd does not support PAM

Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>

Made a small change to reflect the default sshd_config

This will add more options to set to secure openssh
- AllowUsers
- AllowGroups
- DenyUsers
- DenyGroups

When specifying multiple unknown ssh options, they would all appear on
the same line.

Synced file with default from Ubuntu 12.04 latest

This provides a default option (according to the package-provided config file) for each option in the config.