提交图

17 提交

作者 SHA1 备注 提交日期
Micah Anderson
e4a9c15987 Implement enhanced MAC (Message Authentication Codes) according to
installed version of openssh and https://stribika.github.io/2015/01/04/secure-secure-shell.html
2015-05-04 15:42:26 -04:00
Micah Anderson
1402e67b21 Implement enhanced symmetric cipher selection, based on
https://stribika.github.io/2015/01/04/secure-secure-shell.html and
version of openssh installed
2015-05-04 15:42:26 -04:00
Micah Anderson
430c48200e Implement KexAlgorithms settings, based on Key exchange section of
https://stribika.github.io/2015/01/04/secure-secure-shell.html

Note, that on some systems it is uncertain if they will have a new
enough version of openssh installed, so on those a version test is done
to see before setting them.
2015-05-04 15:42:26 -04:00
Micah Anderson
fd82841c1f Change 'hardened_ssl' paramter to simply 'hardened', this makes more
sense in general
2015-05-04 15:42:26 -04:00
mh
2204eb01f6 new style for 2.7 2012-06-05 18:23:03 -03:00
Silvio Rhatto
0e9e1b6f2c Adding PrintMotd parameter to all templates and setting per-distro default value 2011-07-21 11:01:33 -03:00
Silvio Rhatto
57d8883d48 Removing sshd_use_strong_ciphers parameter as sshd_hardened_ssl does the job 2011-07-13 18:41:59 -03:00
Silvio Rhatto
99928cd61e Merge branch 'master' of git://labs.riseup.net/shared-sshd 2011-07-13 18:39:18 -03:00
intrigeri
34863e959f New opt-in support to only use strong SSL ciphers and MACs.
The new configuration variable is $sshd_hardened_ssl.
Settings were stolen from https://github.com/ioerror/duraconf.git.
2011-06-21 00:27:55 +02:00
Silvio Rhatto
75105d66d8 Adding sshd_use_strong_ciphers to all sshd_config templates 2011-02-23 14:40:02 -03:00
intrigeri
8cb562f87c Syntax fix. 2010-10-16 22:32:25 +02:00
intrigeri
a643172a79 New option sshd_ports that obsoletes sshd_port.
Backward compatibility is preserved.
2010-10-16 16:05:00 +02:00
intrigeri
23efb583bf Cleanup templates: sshd_port is guaranteed by init.pp not to be empty. 2010-10-16 16:01:24 +02:00
Micah Anderson
93e2f4d4c0 Template out the possibility of specifying the key word 'off' to the
$sshd_port parameter, which simply puts a comment in front of that
option, rather than specifying it.
2009-07-07 20:55:13 -04:00
Micah Anderson
f44776cbbf replace the sshd_additional_options variable with two, one called
sshd_head_additional_options and one called sshd_tail_additional_options.
the first puts the value at the beginning of the file, and the second at
the end.

This is necessary due to some option ordering requiring things to be
before others
2009-07-07 20:52:40 -04:00
mh
96bbe0adb8 new options, cleaned up real_ hack
git-svn-id: https://svn/ipuppet/trunk/modules/sshd@2527 d66ca3ae-40d7-4aa7-90d4-87d79ca94279
2008-10-20 22:46:50 +00:00
mh
9ce186f5c3 merged with riseup
git-svn-id: https://svn/ipuppet/trunk/modules/sshd@2263 d66ca3ae-40d7-4aa7-90d4-87d79ca94279
2008-09-29 22:37:26 +00:00
重命名自 templates/sshd_config/Gentoo_normal.erb (浏览更多)