Fact ::ssh_version not being evaluated in templates at wheezy and trusty

author: Silvio Rhatto <rhatto@riseup.net> 2016-03-21 12:25:34 -0300
committer: Silvio Rhatto <rhatto@riseup.net> 2016-03-21 12:25:34 -0300
commit: dc91f7ac1795145c668ca126918582569e95d815 (patch)
tree: cc142ed527f4cfdfde7867fca99c2823a7d55e67 /templates/sshd_config/Debian_wheezy.erb
parent: 7839e7b114ab0886d49112f780e763c978c7f251 (diff)
download: puppet-sshd-dc91f7ac1795145c668ca126918582569e95d815.tar.gz
puppet-sshd-dc91f7ac1795145c668ca126918582569e95d815.tar.bz2
1 files changed, 0 insertions, 5 deletions
diff --git a/templates/sshd_config/Debian_wheezy.erb b/templates/sshd_config/Debian_wheezy.erb
index bcb1528..ea0568f 100644
--- a/templates/sshd_config/Debian_wheezy.erb
+++ b/templates/sshd_config/Debian_wheezy.erb
@@ -117,14 +117,9 @@ AllowGroups <%= s %>
 <%- end -%>
 
 <% if scope.lookupvar('::sshd::hardened') == 'yes' -%>
-<% if (scope.function_versioncmp([scope.lookupvar('::ssh_version'),'6.5'])) >= 0 -%>
 KexAlgorithms curve25519-sha256@libssh.org
 Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes256-ctr
 MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-ripemd160-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160,umac-128@openssh.com
-<% else -%>
-Ciphers aes256-ctr
-MACs hmac-sha2-512
-<% end -%>
 <% end -%>
 
 <% unless (s=scope.lookupvar('::sshd::tail_additional_options')).empty? -%>
author	Silvio Rhatto <rhatto@riseup.net>	2016-03-21 12:25:34 -0300
committer	Silvio Rhatto <rhatto@riseup.net>	2016-03-21 12:25:34 -0300
commit	dc91f7ac1795145c668ca126918582569e95d815 (patch)
tree	cc142ed527f4cfdfde7867fca99c2823a7d55e67 /templates/sshd_config/Debian_wheezy.erb
parent	7839e7b114ab0886d49112f780e763c978c7f251 (diff)
download	puppet-sshd-dc91f7ac1795145c668ca126918582569e95d815.tar.gz puppet-sshd-dc91f7ac1795145c668ca126918582569e95d815.tar.bz2