Add the variable AllowAgentForwarding to be set, with the default of 'no', only the Debian

template was adjusted for this, as my knowledge of the other operating systems is not good enough to determine the appropriate setting there
author: Micah Anderson <micah@riseup.net> 2008-09-26 16:57:59 -0400
committer: Micah Anderson <micah@riseup.net> 2008-09-26 16:57:59 -0400
commit: 3bd90d741c35ae242befd955566e3f28cf76b81b (patch)
tree: 54cad414540edc469a350b657dbebc10340eb45e /templates
parent: e3ce449ff48f8245f7358cd98b59a86d8ddbf9bf (diff)
download: puppet-sshd-3bd90d741c35ae242befd955566e3f28cf76b81b.tar.gz
puppet-sshd-3bd90d741c35ae242befd955566e3f28cf76b81b.tar.bz2
1 files changed, 6 insertions, 0 deletions
diff --git a/templates/sshd_config/Debian_normal.erb b/templates/sshd_config/Debian_normal.erb
index 70c1a34..989fa62 100644
--- a/templates/sshd_config/Debian_normal.erb
+++ b/templates/sshd_config/Debian_normal.erb
@@ -94,9 +94,15 @@ UsePAM no
 
 HostbasedUsesNameFromPacketOnly yes
 AllowTcpForwarding yes
+<%- if real_sshd_agent_forwarding.to_s == 'yes' then %>
+AllowAgentForwarding yes
+<%- else %>
+AllowAgentForwarding no
+<%- end %>
 
 ChallengeResponseAuthentication no
 
 <%- unless real_sshd_allowed_users.to_s.empty? then %>
 AllowUsers <%= real_sshd_allowed_users %>
 <%- end %>
+
author	Micah Anderson <micah@riseup.net>	2008-09-26 16:57:59 -0400
committer	Micah Anderson <micah@riseup.net>	2008-09-26 16:57:59 -0400
commit	3bd90d741c35ae242befd955566e3f28cf76b81b (patch)
tree	54cad414540edc469a350b657dbebc10340eb45e /templates
parent	e3ce449ff48f8245f7358cd98b59a86d8ddbf9bf (diff)
download	puppet-sshd-3bd90d741c35ae242befd955566e3f28cf76b81b.tar.gz puppet-sshd-3bd90d741c35ae242befd955566e3f28cf76b81b.tar.bz2