diff options
| author | Micah Anderson <micah@riseup.net> | 2008-09-26 17:28:05 -0400 |
|---|---|---|
| committer | Micah Anderson <micah@riseup.net> | 2008-09-26 17:28:05 -0400 |
| commit | ba8d788f89e2e8676985b40553a9f6794a322217 (patch) | |
| tree | 2098ca97efe4762c05faf0122b29ca4de20b3c45 /templates/sshd_config | |
| parent | 0a0236b107d255941c75305e0689f52551774435 (diff) | |
| download | puppet-sshd-ba8d788f89e2e8676985b40553a9f6794a322217.tar.gz puppet-sshd-ba8d788f89e2e8676985b40553a9f6794a322217.tar.bz2 | |
add the sshd_strict_modes variable, with the default set to yes
Diffstat (limited to 'templates/sshd_config')
| -rw-r--r-- | templates/sshd_config/CentOS_normal.erb | 8 | ||||
| -rw-r--r-- | templates/sshd_config/Debian_normal.erb | 5 | ||||
| -rw-r--r-- | templates/sshd_config/Gentoo_normal.erb | 8 | ||||
| -rw-r--r-- | templates/sshd_config/OpenBSD_normal.erb | 8 |
4 files changed, 26 insertions, 3 deletions
diff --git a/templates/sshd_config/CentOS_normal.erb b/templates/sshd_config/CentOS_normal.erb index dc57680..849d9fb 100644 --- a/templates/sshd_config/CentOS_normal.erb +++ b/templates/sshd_config/CentOS_normal.erb @@ -41,7 +41,13 @@ PermitRootLogin <%= real_sshd_permit_root_login %> <%- else %> PermitRootLogin without-password <%- end %> -#StrictModes yes + +<%- if real_sshd_strict_modes.to_s == 'yes' then %> +StrictModes yes +<%- else %> +StrictModes no +<%- end %> + #MaxAuthTries 6 <%- if real_sshd_rsa_authentication.to_s == 'yes' then %> diff --git a/templates/sshd_config/Debian_normal.erb b/templates/sshd_config/Debian_normal.erb index deed847..7105dfd 100644 --- a/templates/sshd_config/Debian_normal.erb +++ b/templates/sshd_config/Debian_normal.erb @@ -32,7 +32,12 @@ PermitRootLogin <%= real_sshd_permit_root_login %> <%- else %> PermitRootLogin without-password <%- end %> + +<%- if real_sshd_strict_modes.to_s == 'yes' then %> StrictModes yes +<%- else %> +StrictModes no +<%- end %> <%- if real_sshd_rsa_authentication.to_s == 'yes' then %> RSAAuthentication yes diff --git a/templates/sshd_config/Gentoo_normal.erb b/templates/sshd_config/Gentoo_normal.erb index 3feb4ea..04712bd 100644 --- a/templates/sshd_config/Gentoo_normal.erb +++ b/templates/sshd_config/Gentoo_normal.erb @@ -39,7 +39,13 @@ Protocol 2 #LoginGraceTime 2m PermitRootLogin without-password -#StrictModes yes + +<%- if real_sshd_strict_modes.to_s == 'yes' then %> +StrictModes yes +<%- else %> +StrictModes no +<%- end %> + <%- unless real_sshd_permit_root_login.to_s.empty? then %> PermitRootLogin <%= real_sshd_permit_root_login %> <%- else %> diff --git a/templates/sshd_config/OpenBSD_normal.erb b/templates/sshd_config/OpenBSD_normal.erb index 47d4a08..b7e4673 100644 --- a/templates/sshd_config/OpenBSD_normal.erb +++ b/templates/sshd_config/OpenBSD_normal.erb @@ -37,7 +37,13 @@ PermitRootLogin <%= real_sshd_permit_root_login %> <%- else %> PermitRootLogin without-password <%- end %> -#StrictModes yes + +<%- if real_sshd_strict_modes.to_s == 'yes' then %> +StrictModes yes +<%- else %> +StrictModes no +<%- end %> + #MaxAuthTries 6 <%- if real_sshd_rsa_authentication.to_s == 'yes' then %> |