diff options
Diffstat (limited to 'templates/sshd_config')
| -rw-r--r-- | templates/sshd_config/CentOS.erb | 8 | ||||
| -rw-r--r-- | templates/sshd_config/Debian_etch.erb | 8 | ||||
| -rw-r--r-- | templates/sshd_config/Debian_lenny.erb | 11 | ||||
| -rw-r--r-- | templates/sshd_config/Debian_squeeze.erb | 13 | ||||
| -rw-r--r-- | templates/sshd_config/Gentoo.erb | 8 | ||||
| -rw-r--r-- | templates/sshd_config/OpenBSD.erb | 8 |
6 files changed, 25 insertions, 31 deletions
diff --git a/templates/sshd_config/CentOS.erb b/templates/sshd_config/CentOS.erb index e1c8419..544effe 100644 --- a/templates/sshd_config/CentOS.erb +++ b/templates/sshd_config/CentOS.erb @@ -16,14 +16,12 @@ # only protocol 2 Protocol 2 -<%- unless sshd_port.to_s.empty? then -%> -<%- if sshd_port.to_s == 'off' then -%> +<%- sshd_ports.each do |port| -%> +<%- if port.to_s == 'off' then -%> #Port -- disabled by puppet <% else -%> -Port <%= sshd_port -%> +Port <%= port %> <% end -%> -<%- else -%> -Port 22 <%- end -%> # Use these options to restrict which interfaces/protocols sshd will bind to diff --git a/templates/sshd_config/Debian_etch.erb b/templates/sshd_config/Debian_etch.erb index 7a38cc4..d0d7175 100644 --- a/templates/sshd_config/Debian_etch.erb +++ b/templates/sshd_config/Debian_etch.erb @@ -6,14 +6,12 @@ <%- end %> # What ports, IPs and protocols we listen for -<%- unless sshd_port.to_s.empty? then -%> -<%- if sshd_port.to_s == 'off' then -%> +<%- sshd_ports.each do |port| -%> +<%- if port.to_s == 'off' then -%> #Port -- disabled by puppet <% else -%> -Port <%= sshd_port -%> +Port <%= port %> <% end -%> -<%- else -%> -Port 22 <%- end -%> # Use these options to restrict which interfaces/protocols sshd will bind to diff --git a/templates/sshd_config/Debian_lenny.erb b/templates/sshd_config/Debian_lenny.erb index bdccec2..ea04fe6 100644 --- a/templates/sshd_config/Debian_lenny.erb +++ b/templates/sshd_config/Debian_lenny.erb @@ -6,14 +6,12 @@ <%- end %> # What ports, IPs and protocols we listen for -<%- unless sshd_port.to_s.empty? then -%> -<%- if sshd_port.to_s == 'off' then -%> +<%- sshd_ports.each do |port| -%> +<%- if port.to_s == 'off' then -%> #Port -- disabled by puppet <% else -%> -Port <%= sshd_port -%> +Port <%= port %> <% end -%> -<%- else -%> -Port 22 <%- end -%> # Use these options to restrict which interfaces/protocols sshd will bind to @@ -138,6 +136,9 @@ KeepAlive yes #Banner /etc/issue.net #ReverseMappingCheck yes +# Allow client to pass locale environment variables +AcceptEnv LANG LC_* + <%- if sshd_sftp_subsystem.to_s.empty? then %> Subsystem sftp /usr/lib/openssh/sftp-server <%- else %> diff --git a/templates/sshd_config/Debian_squeeze.erb b/templates/sshd_config/Debian_squeeze.erb index d371ed1..09f4351 100644 --- a/templates/sshd_config/Debian_squeeze.erb +++ b/templates/sshd_config/Debian_squeeze.erb @@ -8,15 +8,14 @@ <%- end %> # What ports, IPs and protocols we listen for -<%- unless sshd_port.to_s.empty? then -%> -<%- if sshd_port.to_s == 'off' then -%> +<%- sshd_ports.each do |port| -%> +<%- if port.to_s == 'off' then -%> #Port -- disabled by puppet <% else -%> -Port <%= sshd_port -%> +Port <%= port %> <% end -%> -<%- else -%> -Port 22 -<%- end %> +<%- end -%> + # Use these options to restrict which interfaces/protocols sshd will bind to <% for address in sshd_listen_address -%> ListenAddress <%= address %> @@ -179,6 +178,8 @@ UsePAM yes UsePAM no <%- end -%> +HostbasedUsesNameFromPacketOnly yes + <%- if sshd_tcp_forwarding.to_s == 'yes' then -%> AllowTcpForwarding yes <%- else -%> diff --git a/templates/sshd_config/Gentoo.erb b/templates/sshd_config/Gentoo.erb index 2112f0d..768d3f5 100644 --- a/templates/sshd_config/Gentoo.erb +++ b/templates/sshd_config/Gentoo.erb @@ -14,14 +14,12 @@ <%= sshd_head_additional_options %> <%- end %> -<%- unless sshd_port.to_s.empty? then -%> -<%- if sshd_port.to_s == 'off' then -%> +<%- sshd_ports.each do |port| -%> +<%- if port.to_s == 'off' then -%> #Port -- disabled by puppet <% else -%> -Port <%= sshd_port -%> +Port <%= port %> <% end -%> -<%- else -%> -Port 22 <%- end -%> # Use these options to restrict which interfaces/protocols sshd will bind to diff --git a/templates/sshd_config/OpenBSD.erb b/templates/sshd_config/OpenBSD.erb index 69e8afa..51662d3 100644 --- a/templates/sshd_config/OpenBSD.erb +++ b/templates/sshd_config/OpenBSD.erb @@ -12,14 +12,12 @@ <%= sshd_head_additional_options %> <%- end %> -<%- unless sshd_port.to_s.empty? then -%> -<%- if sshd_port.to_s == 'off' then -%> +<%- sshd_ports.each do |port| -%> +<%- if port.to_s == 'off' then -%> #Port -- disabled by puppet <% else -%> -Port <%= sshd_port -%> +Port <%= port %> <% end -%> -<%- else -%> -Port 22 <%- end -%> # Use these options to restrict which interfaces/protocols sshd will bind to |