mh
e2c0b37c7e
no need to have these quotes
2013-12-04 22:57:47 +01:00
mh
6578e0c918
fix deprecation warning 'Puppet::Util.execute is deprecated; please use Puppet::Util::Execution.execute'
2013-12-04 22:54:44 +01:00
mh
19218d6b02
unify centos sshd config and update it to latest upstream
2013-11-29 11:17:31 +01:00
mh
a3aeb0d573
rather match the correct service than the parent pid
...
the last approach only matched if someone was logged in
with ssh. :/
2013-05-29 23:46:37 +02:00
Yoann Laissus
3c30e95985
Nagios disabled by default
2013-05-29 23:21:46 +02:00
mh
be062f00e2
on newer puppet version the openbsd service provider changed slightly making this necessary
2013-05-20 20:44:15 +02:00
mh
8ecac4219f
Merge remote-tracking branch 'githubmirror/master'
2013-02-04 21:41:05 +01:00
duritong
ad6ecdffe7
Merge pull request #2 from mmoll/style
...
style fixes
2013-02-04 12:40:26 -08:00
Michael Moll
7743650cde
style fixes
...
silence puppet-lint
2013-02-03 00:30:54 +01:00
varac
576bbf09d8
README upgrade notice
2013-01-09 00:01:15 +01:00
mh
ef73d094dc
Merge commit '42fce2a4576dd97a270d4d875531b39920655edb'
2013-01-02 16:02:48 +01:00
mh
483ba331f3
Merge remote-tracking branch 'shared/master'
2013-01-02 15:53:41 +01:00
nadir
42fce2a457
added Ubuntu precise support
2012-11-07 18:17:27 +01:00
mh
ce47b742e2
fix variable name
2012-08-26 19:10:26 +02:00
mh
5b86606d59
correct variable naming
2012-06-18 17:43:48 -03:00
mh
d4db185c3f
migrate away from hiera stuff
2012-06-13 21:52:44 -03:00
mh
8aab254eaa
recmkdir is gone
2012-06-08 13:17:23 -03:00
mh
8d0127b219
new style for 2.7
2012-06-05 18:46:39 -03:00
mh
2204eb01f6
new style for 2.7
2012-06-05 18:23:03 -03:00
Silvio Rhatto
bd2e283ab5
Adding sshd_config for oneiric
2012-02-03 15:10:42 -02:00
mh
d5404bbdba
remove legacy facts
2011-07-29 19:35:00 +02:00
mh
cb7cd9e314
Merge remote-tracking branch 'shared/master'
2011-07-29 19:31:41 +02:00
Silvio Rhatto
0e9e1b6f2c
Adding PrintMotd parameter to all templates and setting per-distro default value
2011-07-21 11:01:33 -03:00
Gabriel Filion
89aeace9b6
Document the $sshd_shared_ip variable in the README
...
Signed-off-by: Gabriel Filion <lelutin@gmail.com>
2011-07-17 00:38:25 -04:00
Gabriel Filion
0822b5bfb5
Document the $sshd_print_motd variable in the README
...
Signed-off-by: Gabriel Filion <lelutin@gmail.com>
2011-07-17 00:28:54 -04:00
Gabriel Filion
69c8085470
Provide a default value for $sshd_shared_ip in sshd::client
...
Since it's possible to "include sshd::client" without using "include
sshd" (e.g. installing/managing ssh client but not the server) provide a
default value for $sshd_shared_ip also in the sshd::client class.
Signed-off-by: Gabriel Filion <lelutin@gmail.com>
2011-07-17 00:21:44 -04:00
Gabriel Filion
6615426a49
Clean out $ssh_use_strong_ciphers
...
A tentative option from rhatto using the variable named
$ssh_use_strong_ciphers still has two lines in init.pp
Since the same functionality is provided by the variable
$ssh_hardened_ssl that was merged in the shared repository, rhatto
removed his feature. But there are still two lines left, so simply
remove them.
Signed-off-by: Gabriel Filion <lelutin@gmail.com>
2011-07-16 23:49:11 -04:00
Gabriel Filion
a5312442b6
Enable $ssh_hardened_ssl for FreeBSD
...
It is the only sshd_config template that didn't have this option, so
copy it from the other templates.
Signed-off-by: Gabriel Filion <lelutin@gmail.com>
2011-07-16 23:45:24 -04:00
Silvio Rhatto
b221570654
Updating FreeBSD template for new sshd_ports variable
2011-07-14 13:15:27 -03:00
Silvio Rhatto
57d8883d48
Removing sshd_use_strong_ciphers parameter as sshd_hardened_ssl does the job
2011-07-13 18:41:59 -03:00
Silvio Rhatto
99928cd61e
Merge branch 'master' of git://labs.riseup.net/shared-sshd
2011-07-13 18:39:18 -03:00
Micah Anderson
779d27e0ae
Merge remote-tracking branch 'lelutin/freebsd'
2011-06-21 11:46:42 -04:00
intrigeri
bbfc7c04ba
Merge branch 'feature/debian_wheezy'
2011-06-21 00:28:44 +02:00
intrigeri
005baf59c5
Add sshd_config template for Debian Wheezy.
...
Currently, this is a symlink to the Debian sid's one, which I've recently
resync'd. Once Wheezy is frozen, we'll want to fork its own template.
2011-06-21 00:28:37 +02:00
intrigeri
34863e959f
New opt-in support to only use strong SSL ciphers and MACs.
...
The new configuration variable is $sshd_hardened_ssl.
Settings were stolen from https://github.com/ioerror/duraconf.git .
2011-06-21 00:27:55 +02:00
mh
7a44f28880
we should pass the architecture to devel packages
2011-04-03 12:52:46 +02:00
Silvio Rhatto
4d73d3784e
Changing strong cipher to aes128-crt
2011-02-23 14:46:20 -03:00
Silvio Rhatto
75105d66d8
Adding sshd_use_strong_ciphers to all sshd_config templates
2011-02-23 14:40:02 -03:00
Silvio Rhatto
9ac4697eb5
Changing parameter name sshd_perfect_forward_secrecy to sshd_use_strong_ciphers as sshd already does PFS
2011-02-23 14:25:18 -03:00
Micah Anderson
af76f6cfe7
Merge remote-tracking branch 'lelutin/ubuntu'
2011-02-22 16:11:36 -05:00
Gabriel Filion
95bf6e032b
FreeBSD: Use variables for the Kerberos options
...
Signed-off-by: Gabriel Filion <lelutin@gmail.com>
2011-02-21 15:18:14 -05:00
Micah Anderson
ac240412cc
remove HostbasedUsesNameFromPacketOnly yes from Debian sshd_config templates. This is not set in the Debian templates by default, and the default is actually no, not yes. If someone wishes to make a configuration variable they can, otherwise head/tail_additional options can be used
2011-02-21 12:45:49 -05:00
intrigeri
c99ff17b1f
Resync Debian sid template with the Squeeze's one.
...
Currently, the only difference is LoginGraceTime, that defaults to 600 in sid.
2011-02-21 18:29:25 +01:00
intrigeri
6baed9bd81
Merge remote branch 'lelutin/debian_template'
2011-02-21 18:20:46 +01:00
Silvio Rhatto
85880085ff
Updating lucid template with new ssh port scheme
2011-02-19 18:48:59 -02:00
Silvio Rhatto
474b23271d
Merge branch 'master' of git://labs.riseup.net/shared-sshd
...
Conflicts:
templates/sshd_config/Debian_squeeze.erb
2011-02-19 18:08:02 -02:00
Micah Anderson
e0d3cdbd36
Update README to include the ssh_keygen function
2011-02-19 14:18:02 -05:00
Micah Anderson
86f31fcff9
Pull together a more comprehensive README, moving the configurable variables from init.pp into the README, and detailing the other features, and requirements, of the module
2011-02-19 14:12:04 -05:00
intrigeri
2f7903bcc4
Merge remote branch 'shared/master'
...
Conflicts:
templates/sshd_config/Debian_squeeze.erb
I always picked the shared repository version when conflicts arose.
The only exception to this rule was:
I kept my branch's "HostbasedUsesNameFromPacketOnly yes" in order
to be consistent with existing Etch and Lenny templates.
This is not the default Debian setting, but I would find it weird if a host
had this setting changed by Puppet after upgrading to Squeeze.
The right way to proceed would probably be to make this configurable.
2011-02-14 17:17:31 +01:00
intrigeri
7c046e3fdf
Merge remote branch 'immerda/master'
2011-02-14 17:01:04 +01:00