Age | Commit message (Collapse) | Author |
|
Conflicts:
README
templates/sshd_config/CentOS.erb
templates/sshd_config/CentOS_Final.erb
templates/sshd_config/Debian_etch.erb
templates/sshd_config/Debian_jessie.erb
templates/sshd_config/Debian_sid.erb
templates/sshd_config/Debian_squeeze.erb
templates/sshd_config/Debian_wheezy.erb
templates/sshd_config/Ubuntu_trusty.erb
|
|
|
|
installed version of openssh and https://stribika.github.io/2015/01/04/secure-secure-shell.html
|
|
https://stribika.github.io/2015/01/04/secure-secure-shell.html and
version of openssh installed
|
|
https://stribika.github.io/2015/01/04/secure-secure-shell.html
Note, that on some systems it is uncertain if they will have a new
enough version of openssh installed, so on those a version test is done
to see before setting them.
|
|
sense in general
|
|
types you want to support in your sshd_config.
We use the ssh_version fact to determine the default hostkey types.
Only enable rsa and ed25519 for ssh versions greater or equal
to 6.5, otherwise enable rsa and dsa.
Some distributions, such as debian, also enable ecdsa as a hostkey
type, but this is a known bad NIST curve, so we do not enable that
by default (thus deviating from the stock sshd config)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
It is the only sshd_config template that didn't have this option, so
copy it from the other templates.
Signed-off-by: Gabriel Filion <lelutin@gmail.com>
|
|
|
|
Signed-off-by: Gabriel Filion <lelutin@gmail.com>
|
|
Since there is no "catch-all" default configuration file for sshd, we
need to add for each OS.
Add a template for FreeBSD so that sshd can be configured on this OS.
Signed-off-by: Gabriel Filion <lelutin@gmail.com>
|