aboutsummaryrefslogtreecommitdiff
path: root/templates/sshd_config
diff options
context:
space:
mode:
Diffstat (limited to 'templates/sshd_config')
-rw-r--r--templates/sshd_config/CentOS.erb8
-rw-r--r--templates/sshd_config/Debian_etch.erb8
-rw-r--r--templates/sshd_config/Debian_lenny.erb11
-rw-r--r--templates/sshd_config/Debian_squeeze.erb13
-rw-r--r--templates/sshd_config/Gentoo.erb8
-rw-r--r--templates/sshd_config/OpenBSD.erb8
6 files changed, 25 insertions, 31 deletions
diff --git a/templates/sshd_config/CentOS.erb b/templates/sshd_config/CentOS.erb
index e1c8419..544effe 100644
--- a/templates/sshd_config/CentOS.erb
+++ b/templates/sshd_config/CentOS.erb
@@ -16,14 +16,12 @@
# only protocol 2
Protocol 2
-<%- unless sshd_port.to_s.empty? then -%>
-<%- if sshd_port.to_s == 'off' then -%>
+<%- sshd_ports.each do |port| -%>
+<%- if port.to_s == 'off' then -%>
#Port -- disabled by puppet
<% else -%>
-Port <%= sshd_port -%>
+Port <%= port %>
<% end -%>
-<%- else -%>
-Port 22
<%- end -%>
# Use these options to restrict which interfaces/protocols sshd will bind to
diff --git a/templates/sshd_config/Debian_etch.erb b/templates/sshd_config/Debian_etch.erb
index 7a38cc4..d0d7175 100644
--- a/templates/sshd_config/Debian_etch.erb
+++ b/templates/sshd_config/Debian_etch.erb
@@ -6,14 +6,12 @@
<%- end %>
# What ports, IPs and protocols we listen for
-<%- unless sshd_port.to_s.empty? then -%>
-<%- if sshd_port.to_s == 'off' then -%>
+<%- sshd_ports.each do |port| -%>
+<%- if port.to_s == 'off' then -%>
#Port -- disabled by puppet
<% else -%>
-Port <%= sshd_port -%>
+Port <%= port %>
<% end -%>
-<%- else -%>
-Port 22
<%- end -%>
# Use these options to restrict which interfaces/protocols sshd will bind to
diff --git a/templates/sshd_config/Debian_lenny.erb b/templates/sshd_config/Debian_lenny.erb
index bdccec2..ea04fe6 100644
--- a/templates/sshd_config/Debian_lenny.erb
+++ b/templates/sshd_config/Debian_lenny.erb
@@ -6,14 +6,12 @@
<%- end %>
# What ports, IPs and protocols we listen for
-<%- unless sshd_port.to_s.empty? then -%>
-<%- if sshd_port.to_s == 'off' then -%>
+<%- sshd_ports.each do |port| -%>
+<%- if port.to_s == 'off' then -%>
#Port -- disabled by puppet
<% else -%>
-Port <%= sshd_port -%>
+Port <%= port %>
<% end -%>
-<%- else -%>
-Port 22
<%- end -%>
# Use these options to restrict which interfaces/protocols sshd will bind to
@@ -138,6 +136,9 @@ KeepAlive yes
#Banner /etc/issue.net
#ReverseMappingCheck yes
+# Allow client to pass locale environment variables
+AcceptEnv LANG LC_*
+
<%- if sshd_sftp_subsystem.to_s.empty? then %>
Subsystem sftp /usr/lib/openssh/sftp-server
<%- else %>
diff --git a/templates/sshd_config/Debian_squeeze.erb b/templates/sshd_config/Debian_squeeze.erb
index d371ed1..09f4351 100644
--- a/templates/sshd_config/Debian_squeeze.erb
+++ b/templates/sshd_config/Debian_squeeze.erb
@@ -8,15 +8,14 @@
<%- end %>
# What ports, IPs and protocols we listen for
-<%- unless sshd_port.to_s.empty? then -%>
-<%- if sshd_port.to_s == 'off' then -%>
+<%- sshd_ports.each do |port| -%>
+<%- if port.to_s == 'off' then -%>
#Port -- disabled by puppet
<% else -%>
-Port <%= sshd_port -%>
+Port <%= port %>
<% end -%>
-<%- else -%>
-Port 22
-<%- end %>
+<%- end -%>
+
# Use these options to restrict which interfaces/protocols sshd will bind to
<% for address in sshd_listen_address -%>
ListenAddress <%= address %>
@@ -179,6 +178,8 @@ UsePAM yes
UsePAM no
<%- end -%>
+HostbasedUsesNameFromPacketOnly yes
+
<%- if sshd_tcp_forwarding.to_s == 'yes' then -%>
AllowTcpForwarding yes
<%- else -%>
diff --git a/templates/sshd_config/Gentoo.erb b/templates/sshd_config/Gentoo.erb
index 2112f0d..768d3f5 100644
--- a/templates/sshd_config/Gentoo.erb
+++ b/templates/sshd_config/Gentoo.erb
@@ -14,14 +14,12 @@
<%= sshd_head_additional_options %>
<%- end %>
-<%- unless sshd_port.to_s.empty? then -%>
-<%- if sshd_port.to_s == 'off' then -%>
+<%- sshd_ports.each do |port| -%>
+<%- if port.to_s == 'off' then -%>
#Port -- disabled by puppet
<% else -%>
-Port <%= sshd_port -%>
+Port <%= port %>
<% end -%>
-<%- else -%>
-Port 22
<%- end -%>
# Use these options to restrict which interfaces/protocols sshd will bind to
diff --git a/templates/sshd_config/OpenBSD.erb b/templates/sshd_config/OpenBSD.erb
index 69e8afa..51662d3 100644
--- a/templates/sshd_config/OpenBSD.erb
+++ b/templates/sshd_config/OpenBSD.erb
@@ -12,14 +12,12 @@
<%= sshd_head_additional_options %>
<%- end %>
-<%- unless sshd_port.to_s.empty? then -%>
-<%- if sshd_port.to_s == 'off' then -%>
+<%- sshd_ports.each do |port| -%>
+<%- if port.to_s == 'off' then -%>
#Port -- disabled by puppet
<% else -%>
-Port <%= sshd_port -%>
+Port <%= port %>
<% end -%>
-<%- else -%>
-Port 22
<%- end -%>
# Use these options to restrict which interfaces/protocols sshd will bind to