diff options
| author | Micah Anderson <micah@riseup.net> | 2008-09-26 17:10:33 -0400 |
|---|---|---|
| committer | Micah Anderson <micah@riseup.net> | 2008-09-26 17:10:33 -0400 |
| commit | 6f5a865b583b1cc2c51484ce03f88be52e2c5b8d (patch) | |
| tree | 6cf437b9fe0b0e4998903506e5f18ef924ea1cd1 /templates | |
| parent | 51c18b6b8f71a925e3c94b459dbc257f2466c453 (diff) | |
| download | puppet-sshd-6f5a865b583b1cc2c51484ce03f88be52e2c5b8d.tar.gz puppet-sshd-6f5a865b583b1cc2c51484ce03f88be52e2c5b8d.tar.bz2 | |
add sshd_pubkey_authentication variable, with the default set to yes
Diffstat (limited to 'templates')
| -rw-r--r-- | templates/sshd_config/CentOS_normal.erb | 6 | ||||
| -rw-r--r-- | templates/sshd_config/Debian_normal.erb | 5 | ||||
| -rw-r--r-- | templates/sshd_config/Gentoo_normal.erb | 6 | ||||
| -rw-r--r-- | templates/sshd_config/OpenBSD_normal.erb | 7 |
4 files changed, 21 insertions, 3 deletions
diff --git a/templates/sshd_config/CentOS_normal.erb b/templates/sshd_config/CentOS_normal.erb index a053001..b0bea46 100644 --- a/templates/sshd_config/CentOS_normal.erb +++ b/templates/sshd_config/CentOS_normal.erb @@ -45,7 +45,11 @@ PermitRootLogin without-password #MaxAuthTries 6 #RSAAuthentication yes -#PubkeyAuthentication yes +<%- if real_sshd_sshd_pubkey_authentication.to_s == 'yes' then %> +PubkeyAuthentication yes +<%- else %> +PubkeyAuthentication no +<%- end %> #AuthorizedKeysFile .ssh/authorized_keys # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts diff --git a/templates/sshd_config/Debian_normal.erb b/templates/sshd_config/Debian_normal.erb index a1d7a45..d105ecc 100644 --- a/templates/sshd_config/Debian_normal.erb +++ b/templates/sshd_config/Debian_normal.erb @@ -35,7 +35,12 @@ PermitRootLogin without-password StrictModes yes RSAAuthentication yes +<%- if real_sshd_sshd_pubkey_authentication.to_s == 'yes' then %> PubkeyAuthentication yes +<%- else %> +PubkeyAuthentication no +<%- end %> + #AuthorizedKeysFile %h/.ssh/authorized_keys # rhosts authentication should not be used diff --git a/templates/sshd_config/Gentoo_normal.erb b/templates/sshd_config/Gentoo_normal.erb index 5605f14..3538754 100644 --- a/templates/sshd_config/Gentoo_normal.erb +++ b/templates/sshd_config/Gentoo_normal.erb @@ -48,7 +48,11 @@ PermitRootLogin without-password #MaxAuthTries 6 #RSAAuthentication yes -#PubkeyAuthentication yes +<%- if real_sshd_sshd_pubkey_authentication.to_s == 'yes' then %> +PubkeyAuthentication yes +<%- else %> +PubkeyAuthentication no +<%- end %> #AuthorizedKeysFile .ssh/authorized_keys # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts diff --git a/templates/sshd_config/OpenBSD_normal.erb b/templates/sshd_config/OpenBSD_normal.erb index 954b420..bee3548 100644 --- a/templates/sshd_config/OpenBSD_normal.erb +++ b/templates/sshd_config/OpenBSD_normal.erb @@ -41,7 +41,12 @@ PermitRootLogin without-password #MaxAuthTries 6 #RSAAuthentication yes -#PubkeyAuthentication yes +<%- if real_sshd_sshd_pubkey_authentication.to_s == 'yes' then %> +PubkeyAuthentication yes +<%- else %> +PubkeyAuthentication no +<%- end %> + #AuthorizedKeysFile .ssh/authorized_keys # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts |