aboutsummaryrefslogtreecommitdiff
path: root/templates/sshd_config/Debian_normal.erb
diff options
context:
space:
mode:
authorMicah Anderson <micah@riseup.net>2008-09-26 16:57:59 -0400
committerMicah Anderson <micah@riseup.net>2008-09-26 16:57:59 -0400
commit3bd90d741c35ae242befd955566e3f28cf76b81b (patch)
tree54cad414540edc469a350b657dbebc10340eb45e /templates/sshd_config/Debian_normal.erb
parente3ce449ff48f8245f7358cd98b59a86d8ddbf9bf (diff)
downloadpuppet-sshd-3bd90d741c35ae242befd955566e3f28cf76b81b.tar.gz
puppet-sshd-3bd90d741c35ae242befd955566e3f28cf76b81b.tar.bz2
Add the variable AllowAgentForwarding to be set, with the default of 'no', only the Debian
template was adjusted for this, as my knowledge of the other operating systems is not good enough to determine the appropriate setting there
Diffstat (limited to 'templates/sshd_config/Debian_normal.erb')
-rw-r--r--templates/sshd_config/Debian_normal.erb6
1 files changed, 6 insertions, 0 deletions
diff --git a/templates/sshd_config/Debian_normal.erb b/templates/sshd_config/Debian_normal.erb
index 70c1a34..989fa62 100644
--- a/templates/sshd_config/Debian_normal.erb
+++ b/templates/sshd_config/Debian_normal.erb
@@ -94,9 +94,15 @@ UsePAM no
HostbasedUsesNameFromPacketOnly yes
AllowTcpForwarding yes
+<%- if real_sshd_agent_forwarding.to_s == 'yes' then %>
+AllowAgentForwarding yes
+<%- else %>
+AllowAgentForwarding no
+<%- end %>
ChallengeResponseAuthentication no
<%- unless real_sshd_allowed_users.to_s.empty? then %>
AllowUsers <%= real_sshd_allowed_users %>
<%- end %>
+