New opt-in support to only use strong SSL ciphers and MACs.

The new configuration variable is $sshd_hardened_ssl. Settings were stolen from https://github.com/ioerror/duraconf.git.
author: intrigeri <intrigeri@boum.org> 2011-03-06 09:10:44 +0100
committer: intrigeri <intrigeri@boum.org> 2011-06-21 00:27:55 +0200
commit: 34863e959fcd05dd325a658561f14580d49b6764 (patch)
tree: 5deef5ff63629e746d3b3abc6b36b4baf31d2331 /README
parent: af76f6cfe70c416cbbf72f9c685a0d54c6eb4afb (diff)
download: puppet-sshd-34863e959fcd05dd325a658561f14580d49b6764.tar.gz
puppet-sshd-34863e959fcd05dd325a658561f14580d49b6764.tar.bz2
1 files changed, 4 insertions, 0 deletions
diff --git a/README b/README
index fa4214d..9cf253f 100644
--- a/README
+++ b/README
@@ -170,6 +170,10 @@ The following is a list of the currently available variables:
     (e.g. /etc/ssh/authorized_keys/%u). Default: AuthorizedKeysFile
     %h/.ssh/authorized_keys
 
+ $sshd_hardened_ssl
+    Use only strong SSL ciphers and MAC.
+    Values: no or yes; Default: no.
+
  $sshd_sftp_subsystem
     Set a different sftp-subystem than the default one. Might be interesting for
     sftponly usage. Default: empty -> no change of the default
author	intrigeri <intrigeri@boum.org>	2011-03-06 09:10:44 +0100
committer	intrigeri <intrigeri@boum.org>	2011-06-21 00:27:55 +0200
commit	34863e959fcd05dd325a658561f14580d49b6764 (patch)
tree	5deef5ff63629e746d3b3abc6b36b4baf31d2331 /README
parent	af76f6cfe70c416cbbf72f9c685a0d54c6eb4afb (diff)
download	puppet-sshd-34863e959fcd05dd325a658561f14580d49b6764.tar.gz puppet-sshd-34863e959fcd05dd325a658561f14580d49b6764.tar.bz2