diff options
author | Micah Anderson <micah@riseup.net> | 2008-09-26 17:34:09 -0400 |
---|---|---|
committer | Micah Anderson <micah@riseup.net> | 2008-09-26 17:44:16 -0400 |
commit | 06163fbb920bf7f8dbb7ae2018e1f861003ed9ce (patch) | |
tree | c299cb9d7ce8cb2e9b55ed659e69c85fd6b1615a /templates/sshd_config/CentOS_normal.erb | |
parent | 9edd2705d4c59ac8cb75a67b587d06d32cb5e6c6 (diff) | |
download | puppet-sshd-06163fbb920bf7f8dbb7ae2018e1f861003ed9ce.tar.gz puppet-sshd-06163fbb920bf7f8dbb7ae2018e1f861003ed9ce.tar.bz2 |
added sshd_rhosts_rsa_authentication variable, default set to no
added sshd_hostbased_authentication variable, default set to no
Diffstat (limited to 'templates/sshd_config/CentOS_normal.erb')
-rw-r--r-- | templates/sshd_config/CentOS_normal.erb | 14 |
1 files changed, 12 insertions, 2 deletions
diff --git a/templates/sshd_config/CentOS_normal.erb b/templates/sshd_config/CentOS_normal.erb index e2b4005..0dbe4e6 100644 --- a/templates/sshd_config/CentOS_normal.erb +++ b/templates/sshd_config/CentOS_normal.erb @@ -64,9 +64,19 @@ PubkeyAuthentication no #AuthorizedKeysFile .ssh/authorized_keys # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts -#RhostsRSAAuthentication no +<%- if real_sshd_rhosts_rsa_authentication.to_s == 'yes' then %> +RhostsRSAAuthentication yes +<%- else %> +RhostsRSAAuthentication no +<% end -%> + # similar for protocol version 2 -#HostbasedAuthentication no +<%- if real_sshd_hostbased_authentication.to_s == 'yes' then %> +HostbasedAuthentication yes +<%- else %> +HostbasedAuthentication no +<% end -%> + # Change to yes if you don't trust ~/.ssh/known_hosts for # RhostsRSAAuthentication and HostbasedAuthentication #IgnoreUserKnownHosts no |