diff options
| -rw-r--r-- | manifests/init.pp | 2 | ||||
| -rw-r--r-- | templates/sshd_config/CentOS_normal.erb | 2 | ||||
| -rw-r--r-- | templates/sshd_config/Debian_normal.erb | 2 | ||||
| -rw-r--r-- | templates/sshd_config/Gentoo_normal.erb | 2 | ||||
| -rw-r--r-- | templates/sshd_config/OpenBSD_normal.erb | 2 |
5 files changed, 5 insertions, 5 deletions
diff --git a/manifests/init.pp b/manifests/init.pp index 71f6125..1e0f468 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -52,7 +52,7 @@ define sshd::sshd_config( default => $source, } - $real_allowed_users = $sshd_allowed_users ? { + $real_sshd_allowed_users = $sshd_allowed_users ? { '' => 'root', default => $sshd_allowed_users, } diff --git a/templates/sshd_config/CentOS_normal.erb b/templates/sshd_config/CentOS_normal.erb index 6544cbd..739d43b 100644 --- a/templates/sshd_config/CentOS_normal.erb +++ b/templates/sshd_config/CentOS_normal.erb @@ -115,4 +115,4 @@ X11Forwarding no # override default of no subsystems Subsystem sftp /usr/libexec/openssh/sftp-server -AllowUsers <%= allowed_users %> +AllowUsers <%= real_sshd_allowed_users %> diff --git a/templates/sshd_config/Debian_normal.erb b/templates/sshd_config/Debian_normal.erb index bde3a96..746cc0b 100644 --- a/templates/sshd_config/Debian_normal.erb +++ b/templates/sshd_config/Debian_normal.erb @@ -84,4 +84,4 @@ AllowTcpForwarding yes ChallengeResponseAuthentication no -AllowUsers <%= allowed_users %> +AllowUsers <%= real_sshd_allowed_users %> diff --git a/templates/sshd_config/Gentoo_normal.erb b/templates/sshd_config/Gentoo_normal.erb index bfcfb49..aacd07a 100644 --- a/templates/sshd_config/Gentoo_normal.erb +++ b/templates/sshd_config/Gentoo_normal.erb @@ -115,4 +115,4 @@ Subsystem sftp /usr/lib/misc/sftp-server # AllowTcpForwarding no # ForceCommand cvs server -AllowUsers <%= allowed_users %> +AllowUsers <%= real_sshd_allowed_users %> diff --git a/templates/sshd_config/OpenBSD_normal.erb b/templates/sshd_config/OpenBSD_normal.erb index 6ce7a12..dbf18c8 100644 --- a/templates/sshd_config/OpenBSD_normal.erb +++ b/templates/sshd_config/OpenBSD_normal.erb @@ -93,7 +93,7 @@ PasswordAuthentication no # override default of no subsystems Subsystem sftp /usr/libexec/sftp-server -AllowUsers <%= allowed_users %> +AllowUsers <%= real_sshd_allowed_users %> # Example of overriding settings on a per-user basis #Match User anoncvs |