Adding sshd_use_strong_ciphers to all sshd_config templates

author: Silvio Rhatto <rhatto@riseup.net> 2011-02-23 14:40:02 -0300
committer: Silvio Rhatto <rhatto@riseup.net> 2011-02-23 14:40:02 -0300
commit: 75105d66d89671943a1eb1f37573b4e63dd33919 (patch)
tree: 2088a94dd636c4cbe80dbc80c8c235fa4c233e46 /templates/sshd_config/CentOS.erb
parent: 9ac4697eb546304ebc20d85aeeb93a73ca0fed5c (diff)
download: puppet-sshd-75105d66d89671943a1eb1f37573b4e63dd33919.tar.gz
puppet-sshd-75105d66d89671943a1eb1f37573b4e63dd33919.tar.bz2
1 files changed, 5 insertions, 0 deletions
diff --git a/templates/sshd_config/CentOS.erb b/templates/sshd_config/CentOS.erb
index 544effe..f2ad175 100644
--- a/templates/sshd_config/CentOS.erb
+++ b/templates/sshd_config/CentOS.erb
@@ -207,3 +207,8 @@ AllowGroups <%= sshd_allowed_groups %>
 <%- unless sshd_tail_additional_options.to_s.empty? then %>
 <%= sshd_tail_additional_options %>
 <%- end %>
+
+<%- if sshd_use_strong_ciphers.to_s == 'yes' then -%>
+Ciphers aes128-ctr
+MACs hmac-sha1
+<%- end %>
author	Silvio Rhatto <rhatto@riseup.net>	2011-02-23 14:40:02 -0300
committer	Silvio Rhatto <rhatto@riseup.net>	2011-02-23 14:40:02 -0300
commit	75105d66d89671943a1eb1f37573b4e63dd33919 (patch)
tree	2088a94dd636c4cbe80dbc80c8c235fa4c233e46 /templates/sshd_config/CentOS.erb
parent	9ac4697eb546304ebc20d85aeeb93a73ca0fed5c (diff)
download	puppet-sshd-75105d66d89671943a1eb1f37573b4e63dd33919.tar.gz puppet-sshd-75105d66d89671943a1eb1f37573b4e63dd33919.tar.bz2