diff options
| author | intrigeri <intrigeri@boum.org> | 2011-03-06 09:10:44 +0100 |
|---|---|---|
| committer | intrigeri <intrigeri@boum.org> | 2011-06-21 00:27:55 +0200 |
| commit | 34863e959fcd05dd325a658561f14580d49b6764 (patch) | |
| tree | 5deef5ff63629e746d3b3abc6b36b4baf31d2331 /manifests | |
| parent | af76f6cfe70c416cbbf72f9c685a0d54c6eb4afb (diff) | |
| download | puppet-sshd-34863e959fcd05dd325a658561f14580d49b6764.tar.gz puppet-sshd-34863e959fcd05dd325a658561f14580d49b6764.tar.bz2 | |
New opt-in support to only use strong SSL ciphers and MACs.
The new configuration variable is $sshd_hardened_ssl.
Settings were stolen from https://github.com/ioerror/duraconf.git.
Diffstat (limited to 'manifests')
| -rw-r--r-- | manifests/init.pp | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/manifests/init.pp b/manifests/init.pp index 991fbba..cc5f10e 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -77,6 +77,9 @@ class sshd { case $sshd_authorized_keys_file { '': { $sshd_authorized_keys_file = "%h/.ssh/authorized_keys" } } + case $sshd_hardened_ssl { + '': { $sshd_hardened_ssl = 'no' } + } case $sshd_sftp_subsystem { '': { $sshd_sftp_subsystem = '' } } |