diff options
| -rw-r--r-- | manifests/init.pp | 4 | ||||
| -rw-r--r-- | templates/sshd_config/Debian_lenny.erb | 2 | ||||
| -rw-r--r-- | templates/sshd_config/Debian_squeeze.erb | 2 |
3 files changed, 4 insertions, 4 deletions
diff --git a/manifests/init.pp b/manifests/init.pp index b4e4788..bfefaab 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -95,8 +95,8 @@ class sshd { case $sshd_shared_ip { '': { $sshd_shared_ip = "no" } } - case $sshd_perfect_forward_secrecy { - '': { $sshd_perfect_forward_secrecy = "no" } + case $sshd_use_strong_ciphers { + '': { $sshd_use_strong_ciphers = "no" } } include sshd::client diff --git a/templates/sshd_config/Debian_lenny.erb b/templates/sshd_config/Debian_lenny.erb index ea04fe6..e85eab3 100644 --- a/templates/sshd_config/Debian_lenny.erb +++ b/templates/sshd_config/Debian_lenny.erb @@ -189,7 +189,7 @@ PrintMotd no <%= sshd_tail_additional_options %> <%- end %> -<%- if sshd_perfect_forward_secrecy.to_s == 'yes' then -%> +<%- if sshd_use_strong_ciphers.to_s == 'yes' then -%> Ciphers aes256-ctr MACs hmac-sha1 <%- end %> diff --git a/templates/sshd_config/Debian_squeeze.erb b/templates/sshd_config/Debian_squeeze.erb index 09f4351..38f8657 100644 --- a/templates/sshd_config/Debian_squeeze.erb +++ b/templates/sshd_config/Debian_squeeze.erb @@ -203,7 +203,7 @@ AllowGroups <%= sshd_allowed_groups %> <%= sshd_tail_additional_options %> <%- end %> -<%- if sshd_perfect_forward_secrecy.to_s == 'yes' then -%> +<%- if sshd_use_strong_ciphers.to_s == 'yes' then -%> Ciphers aes256-ctr MACs hmac-sha1 <%- end %> |