aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2015-03-27change the ssh_keygen function to use different methods depending on ifMicah Anderson
its puppet 3 or puppet 2
2015-03-27Given that ssh -V prints the info we want on stderr, made it so we are 100% ↵Micah Anderson
sure we are only parsing the expected string
2014-11-21Add a $hostkey_type variable that allows you to set which hostkeyMicah Anderson
types you want to support in your sshd_config. We use the ssh_version fact to determine the default hostkey types. Only enable rsa and ed25519 for ssh versions greater or equal to 6.5, otherwise enable rsa and dsa. Some distributions, such as debian, also enable ecdsa as a hostkey type, but this is a known bad NIST curve, so we do not enable that by default (thus deviating from the stock sshd config)
2014-11-21add custom fact, providing ssh_versionMicah Anderson
2014-11-21Merge remote-tracking branch 'tails/feature/jessie-and-sid-templates'Micah Anderson
2014-11-01Merge remote-tracking branch 'immerda/master'Micah Anderson
2014-11-01Revert "get ecdsa host keys in Debian Wheezy"Micah Anderson
This reverts commit 1eabfe1b590f6663c2558f949408a08fc5f58fa6. These shitty NIST curves are no good
2014-09-17Copy the Debian sid template to a new one for Jessie.intrigeri
Another option could be to symlink it, but the freeze is coming soon, so most likely they'll start to diverge at some point.
2014-09-17Resynchronize Debian sid template with the configuration file currently ↵intrigeri
shipped by the package.
2014-08-15move to os release number on centos for selectionmh
2014-06-10Openbsd also does not yet have itmh
2014-06-10EL 6 also does not have this option yetmh
2014-06-10lintig a documentmh
2014-06-10not all versions support the new defaultmh
2014-06-10Merge remote-tracking branch 'shared/master'mh
Conflicts: manifests/init.pp
2014-05-27update $authorized_keys_file variable default to be the default isMicah Anderson
documented by sshd_config(5)
2014-05-27add the ability to override the automatic inclusion of the sshd_clientMicah Anderson
2014-03-14lintingmh
2014-03-14remove unnecessary parammh
2014-02-21renamed ipaddress_fact to sshkey_ipaddresTomas Barton
2014-02-14too tired to typeTomas Barton
2014-02-14fixed variable nameTomas Barton
2014-02-14custom ip address factTomas Barton
2014-02-05add test for optionsmh
2014-02-05wordingmh
2014-02-02tests for ssh authorized keyTomas Barton
2014-02-01Merge pull request #7 from deric/more-testsduritong
More tests
2014-01-27validate parametersTomas Barton
2014-01-27removed lsb-release packageTomas Barton
2014-01-27removed special no-restart status for etchTomas Barton
2014-01-26using fixtures.yml for linking foldersTomas Barton
2014-01-26test changing portTomas Barton
2014-01-26client specTomas Barton
2014-01-26ruby 1.8.7 compatibilityTomas Barton
2014-01-26removed shared-common from dependenciesTomas Barton
2014-01-26basic init class specsTomas Barton
2014-01-26replaces shared-lsb by puppetlabs/stdlibTomas Barton
2014-01-26adjust readmemh
2014-01-26fix broken testsmh
These tests were broken before, because they didn't mock the right method.
2014-01-25removed files directoryTomas Barton
2014-01-25testing infastructure, rspec testsTomas Barton
2014-01-25Merge pull request #5 from deric/masterduritong
removed global variables from readme
2014-01-25default values formattingTomas Barton
2014-01-25formattingTomas Barton
2014-01-25removed global variables from documentation, converted to markdownTomas Barton
2013-12-04no need to have these quotesmh
2013-12-04fix deprecation warning 'Puppet::Util.execute is deprecated; please use ↵mh
Puppet::Util::Execution.execute'
2013-11-29unify centos sshd config and update it to latest upstreammh
2013-11-08get ecdsa host keys in Debian Wheezykwadronaut
2013-05-29rather match the correct service than the parent pidmh
the last approach only matched if someone was logged in with ssh. :/
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-01 09:10:59 +0000