diff options
author | Jerome Charaoui <jcharaoui@cmaisonneuve.qc.ca> | 2015-10-09 17:23:30 +0000 |
---|---|---|
committer | Jerome Charaoui <jcharaoui@cmaisonneuve.qc.ca> | 2015-10-09 17:23:30 +0000 |
commit | 571373e0817a6441fb53303736a4666f2a672f26 (patch) | |
tree | ffeb29d743bf2705bee2bc40f7829e29ca74b085 /templates/sshd_config/Ubuntu.erb | |
parent | e36a294dceb9504327af84c72f6fb6d4489aeea0 (diff) | |
parent | b682edaae3c4f44003fa188ff564c6ba4cd43927 (diff) | |
download | puppet-sshd-571373e0817a6441fb53303736a4666f2a672f26.tar.gz puppet-sshd-571373e0817a6441fb53303736a4666f2a672f26.tar.bz2 |
Merge branch 'disable_debian_banner' into 'master'
disable the debian/ubuntu package version from being sent to clients
dkg pointed out to riseup that our ssh servers were revealing the package version to clients, which is controlled by the DebianBanner config option. It exists in both Debian and Ubuntu and defaults to 'yes', so we explicitly set it to 'no' in the templates for those distros.
See merge request !17
Diffstat (limited to 'templates/sshd_config/Ubuntu.erb')
-rw-r--r-- | templates/sshd_config/Ubuntu.erb | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/templates/sshd_config/Ubuntu.erb b/templates/sshd_config/Ubuntu.erb index c71e00b..a326ab8 100644 --- a/templates/sshd_config/Ubuntu.erb +++ b/templates/sshd_config/Ubuntu.erb @@ -87,6 +87,8 @@ TCPKeepAlive yes #MaxStartups 10:30:60 #Banner /etc/issue.net +# do not reveal debian version (default is yes) +DebianBanner no # Allow client to pass locale environment variables AcceptEnv LANG LC_* |