aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSilvio Rhatto <rhatto@riseup.net>2013-07-16 15:26:56 -0300
committerSilvio Rhatto <rhatto@riseup.net>2013-07-16 15:26:56 -0300
commit443683c33df8c6c9a4d5766fdbc4ac2d92f0a67c (patch)
tree7c6de76de467bb0a6ee56d18a12334180d6d0a24
parent7834a2ff6e3cfced588d91896d4aa04126e210cd (diff)
downloadpuppet-sshd-443683c33df8c6c9a4d5766fdbc4ac2d92f0a67c.tar.gz
puppet-sshd-443683c33df8c6c9a4d5766fdbc4ac2d92f0a67c.tar.bz2
OpenSSH HMAC: SHA1 -> SHA2-512 (suggested by duraconf)
-rw-r--r--templates/sshd_config/CentOS.erb2
-rw-r--r--templates/sshd_config/CentOS_Final.erb2
-rw-r--r--templates/sshd_config/Debian_etch.erb2
-rw-r--r--templates/sshd_config/Debian_lenny.erb2
-rw-r--r--templates/sshd_config/Debian_sid.erb2
-rw-r--r--templates/sshd_config/Debian_squeeze.erb2
-rw-r--r--templates/sshd_config/Debian_wheezy.erb2
-rw-r--r--templates/sshd_config/FreeBSD.erb2
-rw-r--r--templates/sshd_config/Gentoo.erb2
-rw-r--r--templates/sshd_config/OpenBSD.erb2
-rw-r--r--templates/sshd_config/Ubuntu.erb2
-rw-r--r--templates/sshd_config/Ubuntu_lucid.erb2
12 files changed, 12 insertions, 12 deletions
diff --git a/templates/sshd_config/CentOS.erb b/templates/sshd_config/CentOS.erb
index 0f4bb1f..7498517 100644
--- a/templates/sshd_config/CentOS.erb
+++ b/templates/sshd_config/CentOS.erb
@@ -146,7 +146,7 @@ AllowGroups <%= s %>
<% if scope.lookupvar('sshd::hardened_ssl') == 'yes' -%>
Ciphers aes256-ctr
-MACs hmac-sha1
+MACs hmac-sha2-512
<% end -%>
<% unless (s=scope.lookupvar('sshd::tail_additional_options')).empty? -%>
diff --git a/templates/sshd_config/CentOS_Final.erb b/templates/sshd_config/CentOS_Final.erb
index 0f4bb1f..7498517 100644
--- a/templates/sshd_config/CentOS_Final.erb
+++ b/templates/sshd_config/CentOS_Final.erb
@@ -146,7 +146,7 @@ AllowGroups <%= s %>
<% if scope.lookupvar('sshd::hardened_ssl') == 'yes' -%>
Ciphers aes256-ctr
-MACs hmac-sha1
+MACs hmac-sha2-512
<% end -%>
<% unless (s=scope.lookupvar('sshd::tail_additional_options')).empty? -%>
diff --git a/templates/sshd_config/Debian_etch.erb b/templates/sshd_config/Debian_etch.erb
index ef4a5d1..75b2931 100644
--- a/templates/sshd_config/Debian_etch.erb
+++ b/templates/sshd_config/Debian_etch.erb
@@ -114,7 +114,7 @@ PrintMotd <%= scope.lookupvar('sshd::print_motd') %>
<% if scope.lookupvar('sshd::hardened_ssl') == 'yes' -%>
Ciphers aes256-ctr
-MACs hmac-sha1
+MACs hmac-sha2-512
<% end -%>
<% unless (s=scope.lookupvar('sshd::tail_additional_options')).empty? -%>
diff --git a/templates/sshd_config/Debian_lenny.erb b/templates/sshd_config/Debian_lenny.erb
index 8cbea30..3aaf974 100644
--- a/templates/sshd_config/Debian_lenny.erb
+++ b/templates/sshd_config/Debian_lenny.erb
@@ -119,7 +119,7 @@ PrintMotd <%= scope.lookupvar('sshd::print_motd') %>
<% if scope.lookupvar('sshd::hardened_ssl') == 'yes' -%>
Ciphers aes256-ctr
-MACs hmac-sha1
+MACs hmac-sha2-512
<% end -%>
<% unless (s=scope.lookupvar('sshd::tail_additional_options')).empty? -%>
diff --git a/templates/sshd_config/Debian_sid.erb b/templates/sshd_config/Debian_sid.erb
index 70bb4bf..60c15fa 100644
--- a/templates/sshd_config/Debian_sid.erb
+++ b/templates/sshd_config/Debian_sid.erb
@@ -115,7 +115,7 @@ AllowGroups <%= s %>
<% if scope.lookupvar('sshd::hardened_ssl') == 'yes' -%>
Ciphers aes256-ctr
-MACs hmac-sha1
+MACs hmac-sha2-512
<% end -%>
<% unless (s=scope.lookupvar('sshd::tail_additional_options')).empty? -%>
diff --git a/templates/sshd_config/Debian_squeeze.erb b/templates/sshd_config/Debian_squeeze.erb
index befd25f..40040d1 100644
--- a/templates/sshd_config/Debian_squeeze.erb
+++ b/templates/sshd_config/Debian_squeeze.erb
@@ -115,7 +115,7 @@ AllowGroups <%= s %>
<% if scope.lookupvar('sshd::hardened_ssl') == 'yes' -%>
Ciphers aes256-ctr
-MACs hmac-sha1
+MACs hmac-sha2-512
<% end -%>
<% unless (s=scope.lookupvar('sshd::tail_additional_options')).empty? -%>
diff --git a/templates/sshd_config/Debian_wheezy.erb b/templates/sshd_config/Debian_wheezy.erb
index 70bb4bf..60c15fa 100644
--- a/templates/sshd_config/Debian_wheezy.erb
+++ b/templates/sshd_config/Debian_wheezy.erb
@@ -115,7 +115,7 @@ AllowGroups <%= s %>
<% if scope.lookupvar('sshd::hardened_ssl') == 'yes' -%>
Ciphers aes256-ctr
-MACs hmac-sha1
+MACs hmac-sha2-512
<% end -%>
<% unless (s=scope.lookupvar('sshd::tail_additional_options')).empty? -%>
diff --git a/templates/sshd_config/FreeBSD.erb b/templates/sshd_config/FreeBSD.erb
index 090149b..81b7e10 100644
--- a/templates/sshd_config/FreeBSD.erb
+++ b/templates/sshd_config/FreeBSD.erb
@@ -153,7 +153,7 @@ AllowGroups <%= s %>
<% if scope.lookupvar('sshd::hardened_ssl') == 'yes' -%>
Ciphers aes256-ctr
-MACs hmac-sha1
+MACs hmac-sha2-512
<% end -%>
<% unless (s=scope.lookupvar('sshd::tail_additional_options')).empty? -%>
diff --git a/templates/sshd_config/Gentoo.erb b/templates/sshd_config/Gentoo.erb
index 1cb4522..cdd51d8 100644
--- a/templates/sshd_config/Gentoo.erb
+++ b/templates/sshd_config/Gentoo.erb
@@ -149,7 +149,7 @@ AllowGroups <%= s %>
<% if scope.lookupvar('sshd::hardened_ssl') == 'yes' -%>
Ciphers aes256-ctr
-MACs hmac-sha1
+MACs hmac-sha2-512
<% end -%>
<% unless (s=scope.lookupvar('sshd::tail_additional_options')).empty? -%>
diff --git a/templates/sshd_config/OpenBSD.erb b/templates/sshd_config/OpenBSD.erb
index aa92eb6..ea6e8a8 100644
--- a/templates/sshd_config/OpenBSD.erb
+++ b/templates/sshd_config/OpenBSD.erb
@@ -130,7 +130,7 @@ AllowGroups <%= s %>
<% if scope.lookupvar('sshd::hardened_ssl') == 'yes' -%>
Ciphers aes256-ctr
-MACs hmac-sha1
+MACs hmac-sha2-512
<% end -%>
<% unless (s=scope.lookupvar('sshd::tail_additional_options')).empty? -%>
diff --git a/templates/sshd_config/Ubuntu.erb b/templates/sshd_config/Ubuntu.erb
index befd25f..40040d1 100644
--- a/templates/sshd_config/Ubuntu.erb
+++ b/templates/sshd_config/Ubuntu.erb
@@ -115,7 +115,7 @@ AllowGroups <%= s %>
<% if scope.lookupvar('sshd::hardened_ssl') == 'yes' -%>
Ciphers aes256-ctr
-MACs hmac-sha1
+MACs hmac-sha2-512
<% end -%>
<% unless (s=scope.lookupvar('sshd::tail_additional_options')).empty? -%>
diff --git a/templates/sshd_config/Ubuntu_lucid.erb b/templates/sshd_config/Ubuntu_lucid.erb
index cc6e921..4d5f640 100644
--- a/templates/sshd_config/Ubuntu_lucid.erb
+++ b/templates/sshd_config/Ubuntu_lucid.erb
@@ -118,7 +118,7 @@ PrintMotd <%= scope.lookupvar('sshd::print_motd') %>
<% if scope.lookupvar('sshd::hardened_ssl') == 'yes' -%>
Ciphers aes256-ctr
-MACs hmac-sha1
+MACs hmac-sha2-512
<% end -%>
<% unless (s=scope.lookupvar('sshd::tail_additional_options')).empty? -%>