Alexander Weidinger
70461403cb
known_hosts: sort IP addresses
in order to prevent unnecessary changes due to
random ordering of dig results.
7 jaren geleden
Alexander Weidinger
678cc9066c
PrintLastLog missing in FreeBSD 10.3
7 jaren geleden
Pandu E Poluan
773d9ae092
Apply string-or-list processing to ssh_config
Now ssh_config also accepts string-or-list options, for serveral
keywords.
8 jaren geleden
Pandu E Poluan
30648d115e
Add macro to handle string or list
Added a macro to handle multivalue options entered in either string
format or list format (with auto joiner).
8 jaren geleden
Eric Cook
686fc2c4ee
do not set UsePAM on OpenBSD
Upstream opensshd does not support PAM
8 jaren geleden
Simon Pirschel
2a1b8fbc66
fix issue sshd won't start if AddressFamily is specified, because it must be defined before ListenAddress
8 jaren geleden
Johannes Löthberg
02b52fa7cf
Add AuthorizedKeysCommand support
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
8 jaren geleden
Niels Abspoel
641851632f
add more authentication options
8 jaren geleden
Matthieu DERASSE
3542a1f534
Implement Session idle time out
8 jaren geleden
Simon Lloyd
daed52de19
Add sshd_config to map.jinja and check if dig command is available before installing 'dig' package.
8 jaren geleden
Nigel Sim
1e515b0f5d
make the host option rendering support lists by refactoring the main option rendering code
put the ssh_config Host:* options in the defaults file so they can be overridden
9 jaren geleden
ketzacoatl
143451eb19
Add support for Host definitions in ssh_config
This gives us the ability to define system-wide definitions for specific Hosts, and their options.
For example, with this in pillar:
```
# this is the place for host-wide SSH config
ssh_config:
...
Hosts:
# this simplifies cloning with custom params
# eg: git clone my-git:foo/bar
my-git:
User: git
HostName: git.example.com
Port: 2222
```
This would add a section in `/etc/ssh/ssh_config`:
```
Host my-git
User git
HostName git.example.com
Port 2222
```
9 jaren geleden
Bogdan Radulescu
13cf374efe
Added configuration options for ssh_config
Made a small change to reflect the default sshd_config
9 jaren geleden
Bogdan Radulescu
fd4381b769
The default value for ServerKeyBits is 1024 both upstream and in distros
9 jaren geleden
Ingo Bente
83bb5ac5a0
adds support to harden sshd_config (KeyExchange, Ciphers, MACs)
9 jaren geleden
Thomas Juberg
6b68c44583
Stop messing up the first line in ssh_known_hosts
9 jaren geleden
Raphaël Hertzog
1b74efd2d0
Add a new openssh.known_hosts state
This state manages /etc/ssh/ssh_known_hosts and fills it with
public SSH host keys of other minions.
9 jaren geleden
Niels Abspoel
33ee945557
Added AllowUsers,AllowGroups,DenyUsers,DenyGroups
This will add more options to set to secure openssh
- AllowUsers
- AllowGroups
- DenyUsers
- DenyGroups
10 jaren geleden
Bohdan Kmit
b843d8168b
add ed25519 host key type; add AuthenticationMethods option
10 jaren geleden
Skyler Berg
a83409182f
Fix jinja spacing mistake for unknown options
When specifying multiple unknown ssh options, they would all appear on
the same line.
10 jaren geleden
Tim Jones
09ca7de060
Allow newline after ListenAddress
10 jaren geleden
Robert Fairburn
8616d3d130
fix comment
10 jaren geleden
Robert Fairburn
b24101264f
make sure to match options as the options dict!
10 jaren geleden
Robert Fairburn
1a2de43ed7
defaults do not need a prefix
10 jaren geleden
Robert Fairburn
85c97b450a
fix a typo in keywords being sent improperly
10 jaren geleden
Robert Fairburn
abf6e09fbb
Fix a typo in the match jinja
10 jaren geleden
Robert Fairburn
ba72c1e8b7
remove prefix when not needed
10 jaren geleden
Robert Fairburn
c100fc88a3
allow for "Match" inside of an sshd_config
10 jaren geleden
Wes Turner
970777b9bb
Add a UseDNS option to sshd_config
10 jaren geleden
Oleg Tsarev
48ebd1b07b
Changed sshd_config generation to more readable scheme.
Synced file with default from Ubuntu 12.04 latest
10 jaren geleden
matthew-parlette
cdfab3953d
Define a line for each option.
This provides a default option (according to the package-provided config file) for each option in the config.
10 jaren geleden
matthew-parlette
2f28a008c2
Cleared out static parts of config since it was causing issues
10 jaren geleden
Carlos Perelló Marín
e2cddca13e
Reverted the namespace change to avoid conflicts and backward incompatibilities
11 jaren geleden
Carlos Perelló Marín
47211d0648
Added support to manage ssh certificates
11 jaren geleden
Kenny Do
b0c7009cb2
updated sshd_config file to be populated by pillar
11 jaren geleden
Mark Eggert
2e229681c7
Adding a small variable to the OpenSSH sshd_config file so that the service will work correctly on Centos 6.4 and earlier
11 jaren geleden
Thomas S Hatch
1224ee95f0
Add openssh files
11 jaren geleden