opuppet/module-sshd
5
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
288 commits 2 branches 0 tags 297 KiB
Commit graph

288 commits

This branch
This branch
All branches
Author SHA1 Message Date
Micah Anderson
d78749fd8f Add a $hostkey_type variable that allows you to set which hostkey 
types you want to support in your sshd_config.

We use the ssh_version fact to determine the default hostkey types.
Only enable rsa and ed25519 for ssh versions greater or equal
to 6.5, otherwise enable rsa and dsa.

Some distributions, such as debian, also enable ecdsa as a hostkey
type, but this is a known bad NIST curve, so we do not enable that
by default (thus deviating from the stock sshd config)
 2014-11-21 21:20:29 -05:00
Micah Anderson
03751baf8e add custom fact, providing ssh_version 2014-11-21 18:18:15 -05:00
Micah Anderson
ae9cf81188 Merge remote-tracking branch 'tails/feature/jessie-and-sid-templates' 2014-11-21 16:46:09 -05:00
Micah Anderson
4652fbcae0 Merge remote-tracking branch 'immerda/master' 2014-11-01 10:30:37 -04:00
Micah Anderson
37bd36fe06 Revert "get ecdsa host keys in Debian Wheezy" 
This reverts commit 1eabfe1b59.

These shitty NIST curves are no good
 2014-11-01 10:29:48 -04:00
intrigeri
254d2361f5 Copy the Debian sid template to a new one for Jessie. 
Another option could be to symlink it, but the freeze is coming soon, so most
likely they'll start to diverge at some point.
 2014-09-17 20:44:12 +00:00
intrigeri
75117dd042 Resynchronize Debian sid template with the configuration file currently shipped by the package. 2014-09-17 20:43:45 +00:00
mh
1f6f568930 move to os release number on centos for selection 2014-08-15 10:22:40 +02:00
mh
f19d1718b4 Openbsd also does not yet have it 2014-06-10 19:41:50 +02:00
mh
88c58b307c EL 6 also does not have this option yet 2014-06-10 19:28:19 +02:00
mh
4b7fc1a695 lintig a document 2014-06-10 18:31:11 +02:00
mh
0f9315b4f3 not all versions support the new default 2014-06-10 18:29:47 +02:00
mh
cd783ad5eb Merge remote-tracking branch 'shared/master' 
Conflicts:
	manifests/init.pp
 2014-06-10 11:25:16 +02:00
Micah Anderson
5c23b33200 update $authorized_keys_file variable default to be the default is 
documented by sshd_config(5)
 2014-05-27 16:43:47 -04:00
Micah Anderson
6b1044a0c7 add the ability to override the automatic inclusion of the sshd_client 2014-05-27 16:42:59 -04:00
mh
fb60c0c0c9 linting 2014-03-14 10:36:24 +01:00
mh
afb8ec7103 remove unnecessary param 2014-03-14 10:35:02 +01:00
Tomas Barton
59f1623786 renamed ipaddress_fact to sshkey_ipaddres 2014-02-21 14:37:55 +01:00
Tomas Barton
e2a69e56a1 too tired to type 2014-02-14 01:48:40 +01:00
Tomas Barton
2f12205c6b fixed variable name 2014-02-14 01:44:54 +01:00
Tomas Barton
a6a05cd9fc custom ip address fact 2014-02-14 01:24:15 +01:00
mh
253e4f1ced add test for options 2014-02-05 23:21:36 +01:00
mh
15a1a73462 wording 2014-02-05 23:17:36 +01:00
Tomas Barton
a0e961674b tests for ssh authorized key 2014-02-02 17:48:24 +01:00
duritong
dfc6d99c93 Merge pull request #7 from deric/more-tests 
More tests
 2014-02-01 06:52:23 -08:00
Tomas Barton
bf425e96b1 validate parameters 2014-01-27 00:16:27 +01:00
Tomas Barton
bf16ec7bc7 removed lsb-release package 2014-01-27 00:14:34 +01:00
Tomas Barton
9dc5a1db18 removed special no-restart status for etch 2014-01-27 00:04:33 +01:00
Tomas Barton
3fdd59f654 using fixtures.yml for linking folders 2014-01-26 18:35:44 +01:00
Tomas Barton
c1588ff6c3 test changing port 2014-01-26 18:26:35 +01:00
Tomas Barton
5ce0dcda97 client spec 2014-01-26 18:26:34 +01:00
Tomas Barton
550e78a4e6 ruby 1.8.7 compatibility 2014-01-26 18:26:34 +01:00
Tomas Barton
e935d75f62 removed shared-common from dependencies 2014-01-26 18:26:34 +01:00
Tomas Barton
035161ef16 basic init class specs 2014-01-26 18:26:34 +01:00
Tomas Barton
78f1ff00d0 replaces shared-lsb by puppetlabs/stdlib 2014-01-26 18:26:34 +01:00
mh
aee6885940 adjust readme 2014-01-26 15:33:18 +01:00
mh
a9f0dad383 fix broken tests 
These tests were broken before, because they didn't mock the right
method.
 2014-01-26 15:25:48 +01:00
Tomas Barton
f7ae144165 removed files directory 2014-01-25 19:08:49 +01:00
Tomas Barton
2a0b58d6a8 testing infastructure, rspec tests 2014-01-25 19:08:04 +01:00
duritong
5486852c9e Merge pull request #5 from deric/master 
removed global variables from readme
 2014-01-25 06:19:05 -08:00
Tomas Barton
cb8721ad5f default values formatting 2014-01-25 13:41:08 +01:00
Tomas Barton
3fb53ecbc2 formatting 2014-01-25 13:30:49 +01:00
Tomas Barton
f837fe9075 removed global variables from documentation, converted to markdown 2014-01-25 13:23:27 +01:00
mh
e2c0b37c7e no need to have these quotes 2013-12-04 22:57:47 +01:00
mh
6578e0c918 fix deprecation warning 'Puppet::Util.execute is deprecated; please use Puppet::Util::Execution.execute' 2013-12-04 22:54:44 +01:00
mh
19218d6b02 unify centos sshd config and update it to latest upstream 2013-11-29 11:17:31 +01:00
kwadronaut
1eabfe1b59 get ecdsa host keys in Debian Wheezy 2013-11-08 21:59:25 +01:00
mh
a3aeb0d573 rather match the correct service than the parent pid 
the last approach only matched if someone was logged in
with ssh. :/
 2013-05-29 23:46:37 +02:00
Yoann Laissus
3c30e95985 Nagios disabled by default 2013-05-29 23:21:46 +02:00
mh
be062f00e2 on newer puppet version the openbsd service provider changed slightly making this necessary 2013-05-20 20:44:15 +02:00