aboutsummaryrefslogtreecommitdiff
path: root/templates/sshd_config/Debian_sid.erb
AgeCommit message (Collapse)Author
2015-05-22disable the debian/ubuntu package version from being sent to clientsMatt Taggart
2015-05-07Adjust variable lookup in templates to silence deprecation warnings, fixes #1Jerome Charaoui
2015-05-04Implement enhanced MAC (Message Authentication Codes) according toMicah Anderson
installed version of openssh and https://stribika.github.io/2015/01/04/secure-secure-shell.html
2015-05-04Implement enhanced symmetric cipher selection, based onMicah Anderson
https://stribika.github.io/2015/01/04/secure-secure-shell.html and version of openssh installed
2015-05-04Implement KexAlgorithms settings, based on Key exchange section ofMicah Anderson
https://stribika.github.io/2015/01/04/secure-secure-shell.html Note, that on some systems it is uncertain if they will have a new enough version of openssh installed, so on those a version test is done to see before setting them.
2015-05-04Change 'hardened_ssl' paramter to simply 'hardened', this makes moreMicah Anderson
sense in general
2014-11-21Add a $hostkey_type variable that allows you to set which hostkeyMicah Anderson
types you want to support in your sshd_config. We use the ssh_version fact to determine the default hostkey types. Only enable rsa and ed25519 for ssh versions greater or equal to 6.5, otherwise enable rsa and dsa. Some distributions, such as debian, also enable ecdsa as a hostkey type, but this is a known bad NIST curve, so we do not enable that by default (thus deviating from the stock sshd config)
2014-09-17Resynchronize Debian sid template with the configuration file currently ↵intrigeri
shipped by the package.
2012-06-18correct variable namingmh
2012-06-05new style for 2.7mh
2011-07-21Adding PrintMotd parameter to all templates and setting per-distro default valueSilvio Rhatto
2011-06-21New opt-in support to only use strong SSL ciphers and MACs.intrigeri
The new configuration variable is $sshd_hardened_ssl. Settings were stolen from https://github.com/ioerror/duraconf.git.
2011-02-21remove HostbasedUsesNameFromPacketOnly yes from Debian sshd_config ↵Micah Anderson
templates. This is not set in the Debian templates by default, and the default is actually no, not yes. If someone wishes to make a configuration variable they can, otherwise head/tail_additional options can be used
2011-02-21Resync Debian sid template with the Squeeze's one.intrigeri
Currently, the only difference is LoginGraceTime, that defaults to 600 in sid.
2011-01-30Add sshd_config template for Debian sidGabriel Filion
Debian's unstable branch currently has no template for sshd_config, and thus cannot use the sshd class. Add a template for Debian sid. Signed-off-by: Gabriel Filion <lelutin@gmail.com>