Merge branch 'master' of git://labs.riseup.net/shared-sshd

author: Silvio Rhatto <rhatto@riseup.net> 2011-07-13 18:39:18 -0300
committer: Silvio Rhatto <rhatto@riseup.net> 2011-07-13 18:39:18 -0300
commit: 99928cd61e67836d39aad9e2b2ce8b06badf0f0b (patch)
tree: 0900294971db6f5781a99424ff9842291b700b8f /templates/sshd_config/Debian_etch.erb
parent: 4d73d3784e074b719ef43efe152cb7d38ce24c7e (diff)
parent: 779d27e0ae3e5430d11ea5b3084893c16466b5c0 (diff)
download: puppet-sshd-99928cd61e67836d39aad9e2b2ce8b06badf0f0b.tar.gz
puppet-sshd-99928cd61e67836d39aad9e2b2ce8b06badf0f0b.tar.bz2
1 files changed, 5 insertions, 4 deletions
diff --git a/templates/sshd_config/Debian_etch.erb b/templates/sshd_config/Debian_etch.erb
index 562b1ef..93fefc2 100644
--- a/templates/sshd_config/Debian_etch.erb
+++ b/templates/sshd_config/Debian_etch.erb
@@ -157,16 +157,12 @@ UsePAM yes
 UsePAM no
 <%- end -%>
 
-HostbasedUsesNameFromPacketOnly yes
-
 <%- if sshd_tcp_forwarding.to_s == 'yes' then -%>
 AllowTcpForwarding yes
 <%- else -%>
 AllowTcpForwarding no
 <%- end -%>
 
-ChallengeResponseAuthentication no
-
 <%- unless sshd_allowed_users.to_s.empty? then -%>
 AllowUsers <%= sshd_allowed_users -%>
 <%- end -%>
@@ -178,6 +174,11 @@ AllowGroups <%= sshd_allowed_groups %>
   PrintMotd no
 <%- end -%>
 
+<%- if sshd_hardened_ssl.to_s == 'yes' then -%>
+Ciphers aes256-ctr
+MACs hmac-sha1
+<%- end -%>
+
 <%- unless sshd_tail_additional_options.to_s.empty? then %>
 <%= sshd_tail_additional_options %>
 <%- end %>
author	Silvio Rhatto <rhatto@riseup.net>	2011-07-13 18:39:18 -0300
committer	Silvio Rhatto <rhatto@riseup.net>	2011-07-13 18:39:18 -0300
commit	99928cd61e67836d39aad9e2b2ce8b06badf0f0b (patch)
tree	0900294971db6f5781a99424ff9842291b700b8f /templates/sshd_config/Debian_etch.erb
parent	4d73d3784e074b719ef43efe152cb7d38ce24c7e (diff)
parent	779d27e0ae3e5430d11ea5b3084893c16466b5c0 (diff)
download	puppet-sshd-99928cd61e67836d39aad9e2b2ce8b06badf0f0b.tar.gz puppet-sshd-99928cd61e67836d39aad9e2b2ce8b06badf0f0b.tar.bz2