Silvio Rhatto
|
30a4593a05
|
Introducing perfect forward secrecy for SSH
|
2010-12-16 20:20:53 -02:00 |
|
mh
|
fa3d9e1654
|
do some trickery as arguments from puppet are passed as an array
|
2010-12-16 17:33:04 +01:00 |
|
mh
|
584cee7236
|
made error mesage a bit more verbose
|
2010-12-16 17:15:36 +01:00 |
|
mh
|
93fabb2021
|
remove stupid swap
|
2010-12-16 17:12:56 +01:00 |
|
mh
|
5c72941082
|
Add a function to create ssh keys on the fly
This allows you to use content of ssh keys within your manifests
and generate them automatically if they don't exist yet.
|
2010-12-16 16:22:24 +01:00 |
|
Micah Anderson
|
0ec0562257
|
remote KerberosGetAFSToken, its actually not a functional configuration option, even though it is listed in the man page, and commented out in the default config file. I filed a bug with debian (#607238)
|
2010-12-15 20:38:07 -05:00 |
|
Micah Anderson
|
167cf53271
|
"ChallengeResponseAuthentication no" was being hardcoded later in the Debian Lenny sshd_config template, even though we offer it as a variable. With this commit, the variable will actually work, rather than be overriden
|
2010-12-14 13:41:05 -05:00 |
|
Micah Anderson
|
72e24df3b6
|
add Debian Squeeze sshd template. Enabled kerberos and gssapi options, using the defaults when not specified
|
2010-12-14 13:22:43 -05:00 |
|
intrigeri
|
51156042b1
|
Mention dependency on lsb module.
|
2010-12-11 11:34:11 +01:00 |
|
mh
|
7e6d3af6f8
|
lenny already has AcceptEnv by default
|
2010-10-21 15:31:31 +02:00 |
|
mh
|
3200c182e1
|
use realport
|
2010-10-21 02:49:11 +02:00 |
|
mh
|
8f918b0e73
|
use parametrized class to pass ssh_ports to open up things
|
2010-10-20 23:46:14 +02:00 |
|
mh
|
28342ba418
|
introduce that port also can't be the name, fix ensure problem
|
2010-10-20 23:12:43 +02:00 |
|
mh
|
eec9e72425
|
extend sshd::nagios with ensure param
|
2010-10-20 22:57:15 +02:00 |
|
mh
|
d0d3d20e14
|
add nagios_check_ssh_hostname to tweak the hostname which whould be monitored, as this one might actually differ
|
2010-10-20 21:17:16 +02:00 |
|
mh
|
988a88f4e6
|
move define to own class
|
2010-10-20 20:56:15 +02:00 |
|
intrigeri
|
ceb1280177
|
Bugfix
|
2010-10-18 19:13:59 +02:00 |
|
intrigeri
|
0d41016e4f
|
Merge remote branch 'nadir/master'
Conflicts:
manifests/init.pp
|
2010-10-17 02:34:50 +02:00 |
|
intrigeri
|
8cb562f87c
|
Syntax fix.
|
2010-10-16 22:32:25 +02:00 |
|
intrigeri
|
5fb8eb969b
|
bugfix
|
2010-10-16 21:55:44 +02:00 |
|
intrigeri
|
ef093cafff
|
bugfix
|
2010-10-16 21:54:24 +02:00 |
|
intrigeri
|
a643172a79
|
New option sshd_ports that obsoletes sshd_port.
Backward compatibility is preserved.
|
2010-10-16 16:05:00 +02:00 |
|
intrigeri
|
23efb583bf
|
Cleanup templates: sshd_port is guaranteed by init.pp not to be empty.
|
2010-10-16 16:01:24 +02:00 |
|
intrigeri
|
060703f6a2
|
sshd service has status and restart commands in post-etch Debian releases.
|
2010-10-13 23:48:39 +02:00 |
|
nadir
|
35bc5ea4db
|
nagios-cmd is now check_ssh_port - according to shared-nagios
|
2010-10-05 19:07:24 +02:00 |
|
intrigeri
|
456e42b035
|
Simplify by using the config_file definition.
|
2010-10-04 22:03:49 +02:00 |
|
intrigeri
|
b9a8b7b3df
|
Add template for Debian Squeeze.
|
2010-10-03 19:56:48 +02:00 |
|
intrigeri
|
0615dc635c
|
Actually allow enabling ChallengeResponseAuthentication on Debian Lenny.
|
2010-10-03 19:56:04 +02:00 |
|
Silvio Rhatto
|
2c9e690d90
|
Using sshd::client::debian for ubuntu
|
2010-06-03 23:29:10 -03:00 |
|
Silvio Rhatto
|
0e9f8844a0
|
Adding Ubuntu_lucid.erb
|
2010-05-18 20:30:50 -03:00 |
|
Silvio Rhatto
|
5b77bf8123
|
Merge branch 'master' of git://labs.riseup.net/module_sshd
|
2010-02-25 14:52:32 -03:00 |
|
Micah Anderson
|
6b660a56a7
|
update nagios check_command to check ssh port. it was using ssh_port, it should be 'check_ssh_port'
|
2010-02-21 14:01:35 -05:00 |
|
Silvio Rhatto
|
1a26489a12
|
Renaming $sshd_internal_ip to $sshd_shared_ip
|
2010-01-30 21:32:12 -02:00 |
|
Silvio Rhatto
|
1e932ca927
|
Merge branch 'master' of git://labs.riseup.net/module_sshd
|
2009-12-28 11:18:54 -02:00 |
|
Micah Anderson
|
739c9d8e0e
|
Merge remote branch 'lavamind/master'
|
2009-12-27 16:27:20 -05:00 |
|
Silvio Rhatto
|
83cc6e3ded
|
Reverting last change
|
2009-12-27 17:04:12 -02:00 |
|
Silvio Rhatto
|
27bcf5e489
|
Always including sshd::client::base
|
2009-12-27 16:53:19 -02:00 |
|
Silvio Rhatto
|
3955383bb6
|
Using fqdn instead of hostname.domain
|
2009-12-27 16:30:14 -02:00 |
|
Silvio Rhatto
|
400476ebc7
|
Using sshrsakey instead of sshrsakey_key
|
2009-12-27 15:33:35 -02:00 |
|
Silvio Rhatto
|
1fd1d896a0
|
Introducing sshd_internal_ip variable
|
2009-12-27 14:23:51 -02:00 |
|
Silvio Rhatto
|
bbc03d2c10
|
PrintMotd using default OpenSSH setting
|
2009-12-27 14:01:55 -02:00 |
|
Micah Anderson
|
ea1a34bd79
|
update comments to include information about how to use the nagios
checks and the pre-requirements
|
2009-12-21 15:00:10 -05:00 |
|
Micah Anderson
|
6b602886ef
|
fix the comments section so that the include isn't misleading. if you
use 'include sshd::debian', then none of the variables are set, and you
will fail to parse the templates
|
2009-12-19 03:30:16 -05:00 |
|
Jerome Charaoui
|
3c21e594e6
|
remove fqdn from nagios service description (hostname is used in the internal nagios_service name)
|
2009-12-18 14:38:01 -05:00 |
|
mh
|
edcd0859b1
|
make key removal a bit easier
|
2009-12-18 19:06:43 +01:00 |
|
mh
|
0f281c8d4d
|
enable that ssh auth-keys can be removed
|
2009-12-18 18:36:05 +01:00 |
|
mh
|
1d595dd34c
|
false != 'false'
|
2009-12-11 09:45:35 +01:00 |
|
mh
|
caccb4deb5
|
set protocol 2 for centos, required.
|
2009-12-11 09:35:34 +01:00 |
|
mh
|
dac25a5c68
|
require class instead of requiring packages
|
2009-12-10 23:49:32 +01:00 |
|
mh
|
5bdeab5848
|
re-add shorewall in rule :/
|
2009-12-10 23:45:12 +01:00 |
|