refactor(map): use top-level values: key in map.jinja dumps
* Semi-automated using https://github.com/myii/ssf-formula/pull/284
This commit is contained in:
Imran Iqbal
parent
f941871f0b
commit
37597e5b12
@ -1,9 +1,9 @@
|
|||||||
# yamllint disable rule:indentation rule:line-length
|
# yamllint disable rule:indentation rule:line-length
|
||||||
# {{ grains.get('osfinger', grains.os) }}
|
# {{ grains.get("osfinger", grains.os) }}
|
||||||
---
|
---
|
||||||
{#- use salt.slsutil.serialize to avoid encoding errors on some platforms #}
|
{#- use salt.slsutil.serialize to avoid encoding errors on some platforms #}
|
||||||
{{ salt['slsutil.serialize'](
|
{{ salt["slsutil.serialize"](
|
||||||
'yaml',
|
"yaml",
|
||||||
map,
|
map,
|
||||||
default_flow_style=False,
|
default_flow_style=False,
|
||||||
allow_unicode=True,
|
allow_unicode=True,
|
||||||
|
|||||||
@ -2,13 +2,16 @@
|
|||||||
# vim: ft=sls
|
# vim: ft=sls
|
||||||
---
|
---
|
||||||
{#- Get the `tplroot` from `tpldir` #}
|
{#- Get the `tplroot` from `tpldir` #}
|
||||||
{%- set tplroot = tpldir.split('/')[0] %}
|
{%- set tplroot = tpldir.split("/")[0] %}
|
||||||
{%- from tplroot ~ "/map.jinja" import mapdata with context %}
|
{%- from tplroot ~ "/map.jinja" import mapdata with context %}
|
||||||
|
|
||||||
{%- do salt['log.debug']('### MAP.JINJA DUMP ###\n' ~ mapdata | yaml(False)) %}
|
{%- set _mapdata = {
|
||||||
|
"values": mapdata,
|
||||||
|
} %}
|
||||||
|
{%- do salt["log.debug"]("### MAP.JINJA DUMP ###\n" ~ _mapdata | yaml(False)) %}
|
||||||
|
|
||||||
{%- set output_dir = '/temp' if grains.os_family == 'Windows' else '/tmp' %}
|
{%- set output_dir = "/temp" if grains.os_family == "Windows" else "/tmp" %}
|
||||||
{%- set output_file = output_dir ~ '/salt_mapdata_dump.yaml' %}
|
{%- set output_file = output_dir ~ "/salt_mapdata_dump.yaml" %}
|
||||||
|
|
||||||
{{ tplroot }}-mapdata-dump:
|
{{ tplroot }}-mapdata-dump:
|
||||||
file.managed:
|
file.managed:
|
||||||
@ -16,4 +19,4 @@
|
|||||||
- source: salt://{{ tplroot }}/_mapdata/_mapdata.jinja
|
- source: salt://{{ tplroot }}/_mapdata/_mapdata.jinja
|
||||||
- template: jinja
|
- template: jinja
|
||||||
- context:
|
- context:
|
||||||
map: {{ mapdata | yaml }}
|
map: {{ _mapdata | yaml }}
|
||||||
|
|||||||
@ -5,19 +5,43 @@ require 'yaml'
|
|||||||
control '`map.jinja` YAML dump' do
|
control '`map.jinja` YAML dump' do
|
||||||
title 'should match the comparison file'
|
title 'should match the comparison file'
|
||||||
|
|
||||||
|
### Method
|
||||||
|
# The steps below for each file appear convoluted but they are both required
|
||||||
|
# and similar in nature:
|
||||||
|
# 1. The earliest method was to simply compare the files textually but this often
|
||||||
|
# led to false positives due to inconsistencies (e.g. spacing, ordering)
|
||||||
|
# 2. The next method was to load the files back into YAML structures and then
|
||||||
|
# compare but InSpec provided block diffs this way, unusable by end users
|
||||||
|
# 3. The final step was to dump the YAML structures back into a string to use
|
||||||
|
# for the comparison; this both worked and provided human-friendly diffs
|
||||||
|
|
||||||
|
### Comparison file for the specific platform
|
||||||
|
### Static, adjusted as part of code contributions, as map data is changed
|
||||||
# Strip the `platform[:finger]` version number down to the "OS major release"
|
# Strip the `platform[:finger]` version number down to the "OS major release"
|
||||||
mapdata_file = "_mapdata/#{system.platform[:finger].split('.').first}.yaml"
|
platform_finger = system.platform[:finger].split('.').first.to_s
|
||||||
|
# Use that to set the path to the file (relative to the InSpec suite directory)
|
||||||
|
mapdata_file_path = "_mapdata/#{platform_finger}.yaml"
|
||||||
|
# Load the mapdata from profile, into a YAML structure
|
||||||
|
# https://docs.chef.io/inspec/profiles/#profile-files
|
||||||
|
mapdata_file_yaml = YAML.safe_load(inspec.profile.file(mapdata_file_path))
|
||||||
|
# Dump the YAML back into a string for comparison
|
||||||
|
mapdata_file_dump = YAML.dump(mapdata_file_yaml)
|
||||||
|
|
||||||
# Load the mapdata from profile https://docs.chef.io/inspec/profiles/#profile-files
|
### Output file produced by running the `_mapdata` state
|
||||||
mapdata_dump = YAML.safe_load(inspec.profile.file(mapdata_file))
|
### Dynamic, generated during Kitchen's `converge` phase
|
||||||
|
# Derive the location of the dumped mapdata (differs for Windows)
|
||||||
# Derive the location of the dumped mapdata
|
|
||||||
output_dir = platform[:family] == 'windows' ? '/temp' : '/tmp'
|
output_dir = platform[:family] == 'windows' ? '/temp' : '/tmp'
|
||||||
output_file = "#{output_dir}/salt_mapdata_dump.yaml"
|
# Use that to set the path to the file (absolute path, i.e. within the container)
|
||||||
|
output_file_path = "#{output_dir}/salt_mapdata_dump.yaml"
|
||||||
|
# Load the output into a YAML structure using InSpec's `yaml` resource
|
||||||
|
# https://github.com/inspec/inspec/blob/49b7d10/lib/inspec/resources/yaml.rb#L29
|
||||||
|
output_file_yaml = yaml(output_file_path).params
|
||||||
|
# Dump the YAML back into a string for comparison
|
||||||
|
output_file_dump = YAML.dump(output_file_yaml)
|
||||||
|
|
||||||
describe 'File content' do
|
describe 'File content' do
|
||||||
it 'should match profile map data exactly' do
|
it 'should match profile map data exactly' do
|
||||||
expect(yaml(output_file).params).to eq(mapdata_dump)
|
expect(output_file_dump).to eq(mapdata_file_dump)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|||||||
@ -1,176 +1,177 @@
|
|||||||
# yamllint disable rule:indentation rule:line-length
|
# yamllint disable rule:indentation rule:line-length
|
||||||
# Amazon Linux AMI-2018
|
# Amazon Linux AMI-2018
|
||||||
---
|
---
|
||||||
map_jinja:
|
values:
|
||||||
config_get_roots:
|
map_jinja:
|
||||||
- openssh
|
config_get_roots:
|
||||||
- sshd_config
|
- openssh
|
||||||
- ssh_config
|
- sshd_config
|
||||||
openssh:
|
- ssh_config
|
||||||
absent_dsa_keys: false
|
openssh:
|
||||||
absent_ecdsa_keys: false
|
absent_dsa_keys: false
|
||||||
absent_ed25519_keys: false
|
absent_ecdsa_keys: false
|
||||||
absent_rsa_keys: false
|
absent_ed25519_keys: false
|
||||||
auth:
|
absent_rsa_keys: false
|
||||||
joe-non-valid-ssh-key:
|
auth:
|
||||||
- comment: obsolete key - removed
|
joe-non-valid-ssh-key:
|
||||||
enc: ssh-rsa
|
- comment: obsolete key - removed
|
||||||
present: false
|
enc: ssh-rsa
|
||||||
source: salt://ssh_keys/joe.no-valid.pub
|
present: false
|
||||||
user: joe
|
source: salt://ssh_keys/joe.no-valid.pub
|
||||||
joe-valid-ssh-key-desktop:
|
user: joe
|
||||||
- comment: main key - desktop
|
joe-valid-ssh-key-desktop:
|
||||||
enc: ssh-rsa
|
- comment: main key - desktop
|
||||||
present: true
|
enc: ssh-rsa
|
||||||
source: salt://ssh_keys/joe.desktop.pub
|
present: true
|
||||||
user: joe
|
source: salt://ssh_keys/joe.desktop.pub
|
||||||
joe-valid-ssh-key-notebook:
|
user: joe
|
||||||
- comment: main key - notebook
|
joe-valid-ssh-key-notebook:
|
||||||
enc: ssh-rsa
|
- comment: main key - notebook
|
||||||
present: true
|
enc: ssh-rsa
|
||||||
source: salt://ssh_keys/joe.netbook.pub
|
present: true
|
||||||
user: joe
|
source: salt://ssh_keys/joe.netbook.pub
|
||||||
auth_map:
|
user: joe
|
||||||
personal_keys:
|
auth_map:
|
||||||
source: salt://ssh_keys
|
personal_keys:
|
||||||
users:
|
source: salt://ssh_keys
|
||||||
joe:
|
users:
|
||||||
joe.desktop: {}
|
joe:
|
||||||
joe.netbook:
|
joe.desktop: {}
|
||||||
options: []
|
joe.netbook:
|
||||||
joe.no-valid:
|
options: []
|
||||||
present: false
|
joe.no-valid:
|
||||||
banner: /etc/ssh/banner
|
present: false
|
||||||
banner_src: banner
|
banner: /etc/ssh/banner
|
||||||
banner_string: 'Welcome to example.net!
|
banner_src: banner
|
||||||
'
|
banner_string: 'Welcome to example.net!
|
||||||
client: openssh-clients
|
'
|
||||||
client_version: latest
|
client: openssh-clients
|
||||||
dig_pkg: bind-utils
|
client_version: latest
|
||||||
dsa:
|
dig_pkg: bind-utils
|
||||||
private_key: '-----BEGIN DSA PRIVATE KEY-----
|
dsa:
|
||||||
|
private_key: '-----BEGIN DSA PRIVATE KEY-----
|
||||||
|
|
||||||
NOT_DEFINED
|
NOT_DEFINED
|
||||||
|
|
||||||
-----END DSA PRIVATE KEY-----
|
-----END DSA PRIVATE KEY-----
|
||||||
'
|
'
|
||||||
public_key: 'ssh-dss NOT_DEFINED
|
public_key: 'ssh-dss NOT_DEFINED
|
||||||
'
|
'
|
||||||
ecdsa:
|
ecdsa:
|
||||||
private_key: '-----BEGIN EC PRIVATE KEY-----
|
private_key: '-----BEGIN EC PRIVATE KEY-----
|
||||||
|
|
||||||
NOT_DEFINED
|
NOT_DEFINED
|
||||||
|
|
||||||
-----END EC PRIVATE KEY-----
|
-----END EC PRIVATE KEY-----
|
||||||
'
|
'
|
||||||
public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED
|
public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED
|
||||||
'
|
'
|
||||||
ed25519:
|
ed25519:
|
||||||
private_key: '-----BEGIN OPENSSH PRIVATE KEY-----
|
private_key: '-----BEGIN OPENSSH PRIVATE KEY-----
|
||||||
|
|
||||||
NOT_DEFINED
|
NOT_DEFINED
|
||||||
|
|
||||||
-----END OPENSSH PRIVATE KEY-----
|
-----END OPENSSH PRIVATE KEY-----
|
||||||
'
|
'
|
||||||
public_key: 'ssh-ed25519 NOT_DEFINED
|
public_key: 'ssh-ed25519 NOT_DEFINED
|
||||||
'
|
'
|
||||||
enforce_rsa_size: false
|
enforce_rsa_size: false
|
||||||
generate_dsa_keys: false
|
generate_dsa_keys: false
|
||||||
generate_ecdsa_keys: false
|
generate_ecdsa_keys: false
|
||||||
generate_ed25519_keys: false
|
generate_ed25519_keys: false
|
||||||
generate_rsa_keys: false
|
generate_rsa_keys: false
|
||||||
generate_rsa_size: 4096
|
generate_rsa_size: 4096
|
||||||
host_key_algos: ecdsa,ed25519,rsa
|
host_key_algos: ecdsa,ed25519,rsa
|
||||||
known_hosts:
|
known_hosts:
|
||||||
aliases:
|
aliases:
|
||||||
- cname-to-minion.example.org
|
- cname-to-minion.example.org
|
||||||
- alias.example.org
|
- alias.example.org
|
||||||
hostnames: false
|
hostnames: false
|
||||||
include_localhost: false
|
include_localhost: false
|
||||||
mine_hostname_function: public_ssh_hostname
|
mine_hostname_function: public_ssh_hostname
|
||||||
mine_keys_function: public_ssh_host_keys
|
mine_keys_function: public_ssh_host_keys
|
||||||
omit_ip_address:
|
omit_ip_address:
|
||||||
- github.com
|
- github.com
|
||||||
salt_ssh:
|
salt_ssh:
|
||||||
public_ssh_host_keys:
|
public_ssh_host_keys:
|
||||||
minion.id: 'ssh-rsa [...]
|
minion.id: 'ssh-rsa [...]
|
||||||
|
|
||||||
ssh-ed25519 [...]
|
ssh-ed25519 [...]
|
||||||
'
|
'
|
||||||
public_ssh_host_names:
|
public_ssh_host_names:
|
||||||
minion.id:
|
minion.id:
|
||||||
- minion.id
|
- minion.id
|
||||||
- alias.of.minion.id
|
- alias.of.minion.id
|
||||||
user: salt-master
|
user: salt-master
|
||||||
static:
|
static:
|
||||||
github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...]
|
github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...]
|
||||||
gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...]
|
gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...]
|
||||||
target: '*'
|
target: '*'
|
||||||
tgt_type: glob
|
tgt_type: glob
|
||||||
moduli: '# Time Type Tests Tries Size Generator Modulus
|
moduli: '# Time Type Tests Tries Size Generator Modulus
|
||||||
|
|
||||||
20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63
|
20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63
|
||||||
|
|
||||||
20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB
|
20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB
|
||||||
|
|
||||||
20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53
|
20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53
|
||||||
|
|
||||||
20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F
|
20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F
|
||||||
'
|
'
|
||||||
provide_dsa_keys: false
|
provide_dsa_keys: false
|
||||||
provide_ecdsa_keys: false
|
provide_ecdsa_keys: false
|
||||||
provide_ed25519_keys: false
|
provide_ed25519_keys: false
|
||||||
provide_rsa_keys: false
|
provide_rsa_keys: false
|
||||||
root_group: root
|
root_group: root
|
||||||
rsa:
|
rsa:
|
||||||
private_key: '-----BEGIN RSA PRIVATE KEY-----
|
private_key: '-----BEGIN RSA PRIVATE KEY-----
|
||||||
|
|
||||||
NOT_DEFINED
|
NOT_DEFINED
|
||||||
|
|
||||||
-----END RSA PRIVATE KEY-----
|
-----END RSA PRIVATE KEY-----
|
||||||
'
|
'
|
||||||
public_key: 'ssh-rsa NOT_DEFINED
|
public_key: 'ssh-rsa NOT_DEFINED
|
||||||
'
|
'
|
||||||
server: openssh-server
|
server: openssh-server
|
||||||
server_version: latest
|
server_version: latest
|
||||||
service: sshd
|
service: sshd
|
||||||
ssh_config: /etc/ssh/ssh_config
|
ssh_config: /etc/ssh/ssh_config
|
||||||
ssh_config_backup: true
|
ssh_config_backup: true
|
||||||
ssh_config_group: root
|
ssh_config_group: root
|
||||||
ssh_config_mode: '644'
|
ssh_config_mode: '644'
|
||||||
ssh_config_src: ssh_config
|
ssh_config_src: ssh_config
|
||||||
ssh_config_user: root
|
ssh_config_user: root
|
||||||
ssh_known_hosts: /etc/ssh/ssh_known_hosts
|
ssh_known_hosts: /etc/ssh/ssh_known_hosts
|
||||||
ssh_known_hosts_src: ssh_known_hosts
|
ssh_known_hosts_src: ssh_known_hosts
|
||||||
ssh_moduli: /etc/ssh/moduli
|
ssh_moduli: /etc/ssh/moduli
|
||||||
sshd_binary: /usr/sbin/sshd
|
sshd_binary: /usr/sbin/sshd
|
||||||
sshd_config: /etc/ssh/sshd_config
|
sshd_config: /etc/ssh/sshd_config
|
||||||
sshd_config_backup: true
|
sshd_config_backup: true
|
||||||
sshd_config_group: root
|
sshd_config_group: root
|
||||||
sshd_config_mode: '644'
|
sshd_config_mode: '644'
|
||||||
sshd_config_src: sshd_config
|
sshd_config_src: sshd_config
|
||||||
sshd_config_user: root
|
sshd_config_user: root
|
||||||
sshd_enable: true
|
sshd_enable: true
|
||||||
tofs:
|
tofs:
|
||||||
source_files:
|
source_files:
|
||||||
manage ssh_known_hosts file:
|
manage ssh_known_hosts file:
|
||||||
- alt_ssh_known_hosts
|
- alt_ssh_known_hosts
|
||||||
ssh_config:
|
ssh_config:
|
||||||
- alt_ssh_config
|
- alt_ssh_config
|
||||||
sshd_banner:
|
sshd_banner:
|
||||||
- fire_banner
|
- fire_banner
|
||||||
sshd_config:
|
sshd_config:
|
||||||
- alt_sshd_config
|
- alt_sshd_config
|
||||||
ssh_config:
|
ssh_config:
|
||||||
Hosts:
|
Hosts:
|
||||||
'*':
|
'*':
|
||||||
GSSAPIAuthentication: 'yes'
|
GSSAPIAuthentication: 'yes'
|
||||||
HashKnownHosts: 'yes'
|
HashKnownHosts: 'yes'
|
||||||
SendEnv: LANG LC_*
|
SendEnv: LANG LC_*
|
||||||
sshd_config:
|
sshd_config:
|
||||||
AcceptEnv: LANG LC_*
|
AcceptEnv: LANG LC_*
|
||||||
ChallengeResponseAuthentication: 'no'
|
ChallengeResponseAuthentication: 'no'
|
||||||
PrintMotd: 'no'
|
PrintMotd: 'no'
|
||||||
Subsystem: sftp /usr/lib/openssh/sftp-server
|
Subsystem: sftp /usr/lib/openssh/sftp-server
|
||||||
UsePAM: 'yes'
|
UsePAM: 'yes'
|
||||||
X11Forwarding: 'yes'
|
X11Forwarding: 'yes'
|
||||||
|
|||||||
@ -1,176 +1,177 @@
|
|||||||
# yamllint disable rule:indentation rule:line-length
|
# yamllint disable rule:indentation rule:line-length
|
||||||
# Amazon Linux-2
|
# Amazon Linux-2
|
||||||
---
|
---
|
||||||
map_jinja:
|
values:
|
||||||
config_get_roots:
|
map_jinja:
|
||||||
- openssh
|
config_get_roots:
|
||||||
- sshd_config
|
- openssh
|
||||||
- ssh_config
|
- sshd_config
|
||||||
openssh:
|
- ssh_config
|
||||||
absent_dsa_keys: false
|
openssh:
|
||||||
absent_ecdsa_keys: false
|
absent_dsa_keys: false
|
||||||
absent_ed25519_keys: false
|
absent_ecdsa_keys: false
|
||||||
absent_rsa_keys: false
|
absent_ed25519_keys: false
|
||||||
auth:
|
absent_rsa_keys: false
|
||||||
joe-non-valid-ssh-key:
|
auth:
|
||||||
- comment: obsolete key - removed
|
joe-non-valid-ssh-key:
|
||||||
enc: ssh-rsa
|
- comment: obsolete key - removed
|
||||||
present: false
|
enc: ssh-rsa
|
||||||
source: salt://ssh_keys/joe.no-valid.pub
|
present: false
|
||||||
user: joe
|
source: salt://ssh_keys/joe.no-valid.pub
|
||||||
joe-valid-ssh-key-desktop:
|
user: joe
|
||||||
- comment: main key - desktop
|
joe-valid-ssh-key-desktop:
|
||||||
enc: ssh-rsa
|
- comment: main key - desktop
|
||||||
present: true
|
enc: ssh-rsa
|
||||||
source: salt://ssh_keys/joe.desktop.pub
|
present: true
|
||||||
user: joe
|
source: salt://ssh_keys/joe.desktop.pub
|
||||||
joe-valid-ssh-key-notebook:
|
user: joe
|
||||||
- comment: main key - notebook
|
joe-valid-ssh-key-notebook:
|
||||||
enc: ssh-rsa
|
- comment: main key - notebook
|
||||||
present: true
|
enc: ssh-rsa
|
||||||
source: salt://ssh_keys/joe.netbook.pub
|
present: true
|
||||||
user: joe
|
source: salt://ssh_keys/joe.netbook.pub
|
||||||
auth_map:
|
user: joe
|
||||||
personal_keys:
|
auth_map:
|
||||||
source: salt://ssh_keys
|
personal_keys:
|
||||||
users:
|
source: salt://ssh_keys
|
||||||
joe:
|
users:
|
||||||
joe.desktop: {}
|
joe:
|
||||||
joe.netbook:
|
joe.desktop: {}
|
||||||
options: []
|
joe.netbook:
|
||||||
joe.no-valid:
|
options: []
|
||||||
present: false
|
joe.no-valid:
|
||||||
banner: /etc/ssh/banner
|
present: false
|
||||||
banner_src: banner
|
banner: /etc/ssh/banner
|
||||||
banner_string: 'Welcome to example.net!
|
banner_src: banner
|
||||||
'
|
banner_string: 'Welcome to example.net!
|
||||||
client: openssh-clients
|
'
|
||||||
client_version: latest
|
client: openssh-clients
|
||||||
dig_pkg: bind-utils
|
client_version: latest
|
||||||
dsa:
|
dig_pkg: bind-utils
|
||||||
private_key: '-----BEGIN DSA PRIVATE KEY-----
|
dsa:
|
||||||
|
private_key: '-----BEGIN DSA PRIVATE KEY-----
|
||||||
|
|
||||||
NOT_DEFINED
|
NOT_DEFINED
|
||||||
|
|
||||||
-----END DSA PRIVATE KEY-----
|
-----END DSA PRIVATE KEY-----
|
||||||
'
|
'
|
||||||
public_key: 'ssh-dss NOT_DEFINED
|
public_key: 'ssh-dss NOT_DEFINED
|
||||||
'
|
'
|
||||||
ecdsa:
|
ecdsa:
|
||||||
private_key: '-----BEGIN EC PRIVATE KEY-----
|
private_key: '-----BEGIN EC PRIVATE KEY-----
|
||||||
|
|
||||||
NOT_DEFINED
|
NOT_DEFINED
|
||||||
|
|
||||||
-----END EC PRIVATE KEY-----
|
-----END EC PRIVATE KEY-----
|
||||||
'
|
'
|
||||||
public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED
|
public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED
|
||||||
'
|
'
|
||||||
ed25519:
|
ed25519:
|
||||||
private_key: '-----BEGIN OPENSSH PRIVATE KEY-----
|
private_key: '-----BEGIN OPENSSH PRIVATE KEY-----
|
||||||
|
|
||||||
NOT_DEFINED
|
NOT_DEFINED
|
||||||
|
|
||||||
-----END OPENSSH PRIVATE KEY-----
|
-----END OPENSSH PRIVATE KEY-----
|
||||||
'
|
'
|
||||||
public_key: 'ssh-ed25519 NOT_DEFINED
|
public_key: 'ssh-ed25519 NOT_DEFINED
|
||||||
'
|
'
|
||||||
enforce_rsa_size: false
|
enforce_rsa_size: false
|
||||||
generate_dsa_keys: false
|
generate_dsa_keys: false
|
||||||
generate_ecdsa_keys: false
|
generate_ecdsa_keys: false
|
||||||
generate_ed25519_keys: false
|
generate_ed25519_keys: false
|
||||||
generate_rsa_keys: false
|
generate_rsa_keys: false
|
||||||
generate_rsa_size: 4096
|
generate_rsa_size: 4096
|
||||||
host_key_algos: ecdsa,ed25519,rsa
|
host_key_algos: ecdsa,ed25519,rsa
|
||||||
known_hosts:
|
known_hosts:
|
||||||
aliases:
|
aliases:
|
||||||
- cname-to-minion.example.org
|
- cname-to-minion.example.org
|
||||||
- alias.example.org
|
- alias.example.org
|
||||||
hostnames: false
|
hostnames: false
|
||||||
include_localhost: false
|
include_localhost: false
|
||||||
mine_hostname_function: public_ssh_hostname
|
mine_hostname_function: public_ssh_hostname
|
||||||
mine_keys_function: public_ssh_host_keys
|
mine_keys_function: public_ssh_host_keys
|
||||||
omit_ip_address:
|
omit_ip_address:
|
||||||
- github.com
|
- github.com
|
||||||
salt_ssh:
|
salt_ssh:
|
||||||
public_ssh_host_keys:
|
public_ssh_host_keys:
|
||||||
minion.id: 'ssh-rsa [...]
|
minion.id: 'ssh-rsa [...]
|
||||||
|
|
||||||
ssh-ed25519 [...]
|
ssh-ed25519 [...]
|
||||||
'
|
'
|
||||||
public_ssh_host_names:
|
public_ssh_host_names:
|
||||||
minion.id:
|
minion.id:
|
||||||
- minion.id
|
- minion.id
|
||||||
- alias.of.minion.id
|
- alias.of.minion.id
|
||||||
user: salt-master
|
user: salt-master
|
||||||
static:
|
static:
|
||||||
github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...]
|
github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...]
|
||||||
gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...]
|
gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...]
|
||||||
target: '*'
|
target: '*'
|
||||||
tgt_type: glob
|
tgt_type: glob
|
||||||
moduli: '# Time Type Tests Tries Size Generator Modulus
|
moduli: '# Time Type Tests Tries Size Generator Modulus
|
||||||
|
|
||||||
20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63
|
20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63
|
||||||
|
|
||||||
20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB
|
20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB
|
||||||
|
|
||||||
20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53
|
20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53
|
||||||
|
|
||||||
20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F
|
20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F
|
||||||
'
|
'
|
||||||
provide_dsa_keys: false
|
provide_dsa_keys: false
|
||||||
provide_ecdsa_keys: false
|
provide_ecdsa_keys: false
|
||||||
provide_ed25519_keys: false
|
provide_ed25519_keys: false
|
||||||
provide_rsa_keys: false
|
provide_rsa_keys: false
|
||||||
root_group: root
|
root_group: root
|
||||||
rsa:
|
rsa:
|
||||||
private_key: '-----BEGIN RSA PRIVATE KEY-----
|
private_key: '-----BEGIN RSA PRIVATE KEY-----
|
||||||
|
|
||||||
NOT_DEFINED
|
NOT_DEFINED
|
||||||
|
|
||||||
-----END RSA PRIVATE KEY-----
|
-----END RSA PRIVATE KEY-----
|
||||||
'
|
'
|
||||||
public_key: 'ssh-rsa NOT_DEFINED
|
public_key: 'ssh-rsa NOT_DEFINED
|
||||||
'
|
'
|
||||||
server: openssh-server
|
server: openssh-server
|
||||||
server_version: latest
|
server_version: latest
|
||||||
service: sshd
|
service: sshd
|
||||||
ssh_config: /etc/ssh/ssh_config
|
ssh_config: /etc/ssh/ssh_config
|
||||||
ssh_config_backup: true
|
ssh_config_backup: true
|
||||||
ssh_config_group: root
|
ssh_config_group: root
|
||||||
ssh_config_mode: '644'
|
ssh_config_mode: '644'
|
||||||
ssh_config_src: ssh_config
|
ssh_config_src: ssh_config
|
||||||
ssh_config_user: root
|
ssh_config_user: root
|
||||||
ssh_known_hosts: /etc/ssh/ssh_known_hosts
|
ssh_known_hosts: /etc/ssh/ssh_known_hosts
|
||||||
ssh_known_hosts_src: ssh_known_hosts
|
ssh_known_hosts_src: ssh_known_hosts
|
||||||
ssh_moduli: /etc/ssh/moduli
|
ssh_moduli: /etc/ssh/moduli
|
||||||
sshd_binary: /usr/sbin/sshd
|
sshd_binary: /usr/sbin/sshd
|
||||||
sshd_config: /etc/ssh/sshd_config
|
sshd_config: /etc/ssh/sshd_config
|
||||||
sshd_config_backup: true
|
sshd_config_backup: true
|
||||||
sshd_config_group: root
|
sshd_config_group: root
|
||||||
sshd_config_mode: '644'
|
sshd_config_mode: '644'
|
||||||
sshd_config_src: sshd_config
|
sshd_config_src: sshd_config
|
||||||
sshd_config_user: root
|
sshd_config_user: root
|
||||||
sshd_enable: true
|
sshd_enable: true
|
||||||
tofs:
|
tofs:
|
||||||
source_files:
|
source_files:
|
||||||
manage ssh_known_hosts file:
|
manage ssh_known_hosts file:
|
||||||
- alt_ssh_known_hosts
|
- alt_ssh_known_hosts
|
||||||
ssh_config:
|
ssh_config:
|
||||||
- alt_ssh_config
|
- alt_ssh_config
|
||||||
sshd_banner:
|
sshd_banner:
|
||||||
- fire_banner
|
- fire_banner
|
||||||
sshd_config:
|
sshd_config:
|
||||||
- alt_sshd_config
|
- alt_sshd_config
|
||||||
ssh_config:
|
ssh_config:
|
||||||
Hosts:
|
Hosts:
|
||||||
'*':
|
'*':
|
||||||
GSSAPIAuthentication: 'yes'
|
GSSAPIAuthentication: 'yes'
|
||||||
HashKnownHosts: 'yes'
|
HashKnownHosts: 'yes'
|
||||||
SendEnv: LANG LC_*
|
SendEnv: LANG LC_*
|
||||||
sshd_config:
|
sshd_config:
|
||||||
AcceptEnv: LANG LC_*
|
AcceptEnv: LANG LC_*
|
||||||
ChallengeResponseAuthentication: 'no'
|
ChallengeResponseAuthentication: 'no'
|
||||||
PrintMotd: 'no'
|
PrintMotd: 'no'
|
||||||
Subsystem: sftp /usr/lib/openssh/sftp-server
|
Subsystem: sftp /usr/lib/openssh/sftp-server
|
||||||
UsePAM: 'yes'
|
UsePAM: 'yes'
|
||||||
X11Forwarding: 'yes'
|
X11Forwarding: 'yes'
|
||||||
|
|||||||
@ -1,176 +1,177 @@
|
|||||||
# yamllint disable rule:indentation rule:line-length
|
# yamllint disable rule:indentation rule:line-length
|
||||||
# Arch
|
# Arch
|
||||||
---
|
---
|
||||||
map_jinja:
|
values:
|
||||||
config_get_roots:
|
map_jinja:
|
||||||
- openssh
|
config_get_roots:
|
||||||
- sshd_config
|
- openssh
|
||||||
- ssh_config
|
- sshd_config
|
||||||
openssh:
|
- ssh_config
|
||||||
absent_dsa_keys: false
|
openssh:
|
||||||
absent_ecdsa_keys: false
|
absent_dsa_keys: false
|
||||||
absent_ed25519_keys: false
|
absent_ecdsa_keys: false
|
||||||
absent_rsa_keys: false
|
absent_ed25519_keys: false
|
||||||
auth:
|
absent_rsa_keys: false
|
||||||
joe-non-valid-ssh-key:
|
auth:
|
||||||
- comment: obsolete key - removed
|
joe-non-valid-ssh-key:
|
||||||
enc: ssh-rsa
|
- comment: obsolete key - removed
|
||||||
present: false
|
enc: ssh-rsa
|
||||||
source: salt://ssh_keys/joe.no-valid.pub
|
present: false
|
||||||
user: joe
|
source: salt://ssh_keys/joe.no-valid.pub
|
||||||
joe-valid-ssh-key-desktop:
|
user: joe
|
||||||
- comment: main key - desktop
|
joe-valid-ssh-key-desktop:
|
||||||
enc: ssh-rsa
|
- comment: main key - desktop
|
||||||
present: true
|
enc: ssh-rsa
|
||||||
source: salt://ssh_keys/joe.desktop.pub
|
present: true
|
||||||
user: joe
|
source: salt://ssh_keys/joe.desktop.pub
|
||||||
joe-valid-ssh-key-notebook:
|
user: joe
|
||||||
- comment: main key - notebook
|
joe-valid-ssh-key-notebook:
|
||||||
enc: ssh-rsa
|
- comment: main key - notebook
|
||||||
present: true
|
enc: ssh-rsa
|
||||||
source: salt://ssh_keys/joe.netbook.pub
|
present: true
|
||||||
user: joe
|
source: salt://ssh_keys/joe.netbook.pub
|
||||||
auth_map:
|
user: joe
|
||||||
personal_keys:
|
auth_map:
|
||||||
source: salt://ssh_keys
|
personal_keys:
|
||||||
users:
|
source: salt://ssh_keys
|
||||||
joe:
|
users:
|
||||||
joe.desktop: {}
|
joe:
|
||||||
joe.netbook:
|
joe.desktop: {}
|
||||||
options: []
|
joe.netbook:
|
||||||
joe.no-valid:
|
options: []
|
||||||
present: false
|
joe.no-valid:
|
||||||
banner: /etc/ssh/banner
|
present: false
|
||||||
banner_src: banner
|
banner: /etc/ssh/banner
|
||||||
banner_string: 'Welcome to example.net!
|
banner_src: banner
|
||||||
'
|
banner_string: 'Welcome to example.net!
|
||||||
client: openssh
|
'
|
||||||
client_version: latest
|
client: openssh
|
||||||
dig_pkg: bind
|
client_version: latest
|
||||||
dsa:
|
dig_pkg: bind
|
||||||
private_key: '-----BEGIN DSA PRIVATE KEY-----
|
dsa:
|
||||||
|
private_key: '-----BEGIN DSA PRIVATE KEY-----
|
||||||
|
|
||||||
NOT_DEFINED
|
NOT_DEFINED
|
||||||
|
|
||||||
-----END DSA PRIVATE KEY-----
|
-----END DSA PRIVATE KEY-----
|
||||||
'
|
'
|
||||||
public_key: 'ssh-dss NOT_DEFINED
|
public_key: 'ssh-dss NOT_DEFINED
|
||||||
'
|
'
|
||||||
ecdsa:
|
ecdsa:
|
||||||
private_key: '-----BEGIN EC PRIVATE KEY-----
|
private_key: '-----BEGIN EC PRIVATE KEY-----
|
||||||
|
|
||||||
NOT_DEFINED
|
NOT_DEFINED
|
||||||
|
|
||||||
-----END EC PRIVATE KEY-----
|
-----END EC PRIVATE KEY-----
|
||||||
'
|
'
|
||||||
public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED
|
public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED
|
||||||
'
|
'
|
||||||
ed25519:
|
ed25519:
|
||||||
private_key: '-----BEGIN OPENSSH PRIVATE KEY-----
|
private_key: '-----BEGIN OPENSSH PRIVATE KEY-----
|
||||||
|
|
||||||
NOT_DEFINED
|
NOT_DEFINED
|
||||||
|
|
||||||
-----END OPENSSH PRIVATE KEY-----
|
-----END OPENSSH PRIVATE KEY-----
|
||||||
'
|
'
|
||||||
public_key: 'ssh-ed25519 NOT_DEFINED
|
public_key: 'ssh-ed25519 NOT_DEFINED
|
||||||
'
|
'
|
||||||
enforce_rsa_size: false
|
enforce_rsa_size: false
|
||||||
generate_dsa_keys: false
|
generate_dsa_keys: false
|
||||||
generate_ecdsa_keys: false
|
generate_ecdsa_keys: false
|
||||||
generate_ed25519_keys: false
|
generate_ed25519_keys: false
|
||||||
generate_rsa_keys: false
|
generate_rsa_keys: false
|
||||||
generate_rsa_size: 4096
|
generate_rsa_size: 4096
|
||||||
host_key_algos: ecdsa,ed25519,rsa
|
host_key_algos: ecdsa,ed25519,rsa
|
||||||
known_hosts:
|
known_hosts:
|
||||||
aliases:
|
aliases:
|
||||||
- cname-to-minion.example.org
|
- cname-to-minion.example.org
|
||||||
- alias.example.org
|
- alias.example.org
|
||||||
hostnames: false
|
hostnames: false
|
||||||
include_localhost: false
|
include_localhost: false
|
||||||
mine_hostname_function: public_ssh_hostname
|
mine_hostname_function: public_ssh_hostname
|
||||||
mine_keys_function: public_ssh_host_keys
|
mine_keys_function: public_ssh_host_keys
|
||||||
omit_ip_address:
|
omit_ip_address:
|
||||||
- github.com
|
- github.com
|
||||||
salt_ssh:
|
salt_ssh:
|
||||||
public_ssh_host_keys:
|
public_ssh_host_keys:
|
||||||
minion.id: 'ssh-rsa [...]
|
minion.id: 'ssh-rsa [...]
|
||||||
|
|
||||||
ssh-ed25519 [...]
|
ssh-ed25519 [...]
|
||||||
'
|
'
|
||||||
public_ssh_host_names:
|
public_ssh_host_names:
|
||||||
minion.id:
|
minion.id:
|
||||||
- minion.id
|
- minion.id
|
||||||
- alias.of.minion.id
|
- alias.of.minion.id
|
||||||
user: salt-master
|
user: salt-master
|
||||||
static:
|
static:
|
||||||
github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...]
|
github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...]
|
||||||
gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...]
|
gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...]
|
||||||
target: '*'
|
target: '*'
|
||||||
tgt_type: glob
|
tgt_type: glob
|
||||||
moduli: '# Time Type Tests Tries Size Generator Modulus
|
moduli: '# Time Type Tests Tries Size Generator Modulus
|
||||||
|
|
||||||
20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63
|
20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63
|
||||||
|
|
||||||
20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB
|
20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB
|
||||||
|
|
||||||
20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53
|
20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53
|
||||||
|
|
||||||
20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F
|
20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F
|
||||||
'
|
'
|
||||||
provide_dsa_keys: false
|
provide_dsa_keys: false
|
||||||
provide_ecdsa_keys: false
|
provide_ecdsa_keys: false
|
||||||
provide_ed25519_keys: false
|
provide_ed25519_keys: false
|
||||||
provide_rsa_keys: false
|
provide_rsa_keys: false
|
||||||
root_group: root
|
root_group: root
|
||||||
rsa:
|
rsa:
|
||||||
private_key: '-----BEGIN RSA PRIVATE KEY-----
|
private_key: '-----BEGIN RSA PRIVATE KEY-----
|
||||||
|
|
||||||
NOT_DEFINED
|
NOT_DEFINED
|
||||||
|
|
||||||
-----END RSA PRIVATE KEY-----
|
-----END RSA PRIVATE KEY-----
|
||||||
'
|
'
|
||||||
public_key: 'ssh-rsa NOT_DEFINED
|
public_key: 'ssh-rsa NOT_DEFINED
|
||||||
'
|
'
|
||||||
server: openssh
|
server: openssh
|
||||||
server_version: latest
|
server_version: latest
|
||||||
service: sshd
|
service: sshd
|
||||||
ssh_config: /etc/ssh/ssh_config
|
ssh_config: /etc/ssh/ssh_config
|
||||||
ssh_config_backup: true
|
ssh_config_backup: true
|
||||||
ssh_config_group: root
|
ssh_config_group: root
|
||||||
ssh_config_mode: '644'
|
ssh_config_mode: '644'
|
||||||
ssh_config_src: ssh_config
|
ssh_config_src: ssh_config
|
||||||
ssh_config_user: root
|
ssh_config_user: root
|
||||||
ssh_known_hosts: /etc/ssh/ssh_known_hosts
|
ssh_known_hosts: /etc/ssh/ssh_known_hosts
|
||||||
ssh_known_hosts_src: ssh_known_hosts
|
ssh_known_hosts_src: ssh_known_hosts
|
||||||
ssh_moduli: /etc/ssh/moduli
|
ssh_moduli: /etc/ssh/moduli
|
||||||
sshd_binary: /usr/sbin/sshd
|
sshd_binary: /usr/sbin/sshd
|
||||||
sshd_config: /etc/ssh/sshd_config
|
sshd_config: /etc/ssh/sshd_config
|
||||||
sshd_config_backup: true
|
sshd_config_backup: true
|
||||||
sshd_config_group: root
|
sshd_config_group: root
|
||||||
sshd_config_mode: '644'
|
sshd_config_mode: '644'
|
||||||
sshd_config_src: sshd_config
|
sshd_config_src: sshd_config
|
||||||
sshd_config_user: root
|
sshd_config_user: root
|
||||||
sshd_enable: true
|
sshd_enable: true
|
||||||
tofs:
|
tofs:
|
||||||
source_files:
|
source_files:
|
||||||
manage ssh_known_hosts file:
|
manage ssh_known_hosts file:
|
||||||
- alt_ssh_known_hosts
|
- alt_ssh_known_hosts
|
||||||
ssh_config:
|
ssh_config:
|
||||||
- alt_ssh_config
|
- alt_ssh_config
|
||||||
sshd_banner:
|
sshd_banner:
|
||||||
- fire_banner
|
- fire_banner
|
||||||
sshd_config:
|
sshd_config:
|
||||||
- alt_sshd_config
|
- alt_sshd_config
|
||||||
ssh_config:
|
ssh_config:
|
||||||
Hosts:
|
Hosts:
|
||||||
'*':
|
'*':
|
||||||
GSSAPIAuthentication: 'yes'
|
GSSAPIAuthentication: 'yes'
|
||||||
HashKnownHosts: 'yes'
|
HashKnownHosts: 'yes'
|
||||||
SendEnv: LANG LC_*
|
SendEnv: LANG LC_*
|
||||||
sshd_config:
|
sshd_config:
|
||||||
AcceptEnv: LANG LC_*
|
AcceptEnv: LANG LC_*
|
||||||
ChallengeResponseAuthentication: 'no'
|
ChallengeResponseAuthentication: 'no'
|
||||||
PrintMotd: 'no'
|
PrintMotd: 'no'
|
||||||
Subsystem: sftp /usr/lib/openssh/sftp-server
|
Subsystem: sftp /usr/lib/openssh/sftp-server
|
||||||
UsePAM: 'yes'
|
UsePAM: 'yes'
|
||||||
X11Forwarding: 'yes'
|
X11Forwarding: 'yes'
|
||||||
|
|||||||
@ -1,176 +1,177 @@
|
|||||||
# yamllint disable rule:indentation rule:line-length
|
# yamllint disable rule:indentation rule:line-length
|
||||||
# CentOS-6
|
# CentOS-6
|
||||||
---
|
---
|
||||||
map_jinja:
|
values:
|
||||||
config_get_roots:
|
map_jinja:
|
||||||
- openssh
|
config_get_roots:
|
||||||
- sshd_config
|
- openssh
|
||||||
- ssh_config
|
- sshd_config
|
||||||
openssh:
|
- ssh_config
|
||||||
absent_dsa_keys: false
|
openssh:
|
||||||
absent_ecdsa_keys: false
|
absent_dsa_keys: false
|
||||||
absent_ed25519_keys: false
|
absent_ecdsa_keys: false
|
||||||
absent_rsa_keys: false
|
absent_ed25519_keys: false
|
||||||
auth:
|
absent_rsa_keys: false
|
||||||
joe-non-valid-ssh-key:
|
auth:
|
||||||
- comment: obsolete key - removed
|
joe-non-valid-ssh-key:
|
||||||
enc: ssh-rsa
|
- comment: obsolete key - removed
|
||||||
present: false
|
enc: ssh-rsa
|
||||||
source: salt://ssh_keys/joe.no-valid.pub
|
present: false
|
||||||
user: joe
|
source: salt://ssh_keys/joe.no-valid.pub
|
||||||
joe-valid-ssh-key-desktop:
|
user: joe
|
||||||
- comment: main key - desktop
|
joe-valid-ssh-key-desktop:
|
||||||
enc: ssh-rsa
|
- comment: main key - desktop
|
||||||
present: true
|
enc: ssh-rsa
|
||||||
source: salt://ssh_keys/joe.desktop.pub
|
present: true
|
||||||
user: joe
|
source: salt://ssh_keys/joe.desktop.pub
|
||||||
joe-valid-ssh-key-notebook:
|
user: joe
|
||||||
- comment: main key - notebook
|
joe-valid-ssh-key-notebook:
|
||||||
enc: ssh-rsa
|
- comment: main key - notebook
|
||||||
present: true
|
enc: ssh-rsa
|
||||||
source: salt://ssh_keys/joe.netbook.pub
|
present: true
|
||||||
user: joe
|
source: salt://ssh_keys/joe.netbook.pub
|
||||||
auth_map:
|
user: joe
|
||||||
personal_keys:
|
auth_map:
|
||||||
source: salt://ssh_keys
|
personal_keys:
|
||||||
users:
|
source: salt://ssh_keys
|
||||||
joe:
|
users:
|
||||||
joe.desktop: {}
|
joe:
|
||||||
joe.netbook:
|
joe.desktop: {}
|
||||||
options: []
|
joe.netbook:
|
||||||
joe.no-valid:
|
options: []
|
||||||
present: false
|
joe.no-valid:
|
||||||
banner: /etc/ssh/banner
|
present: false
|
||||||
banner_src: banner
|
banner: /etc/ssh/banner
|
||||||
banner_string: 'Welcome to example.net!
|
banner_src: banner
|
||||||
'
|
banner_string: 'Welcome to example.net!
|
||||||
client: openssh-clients
|
'
|
||||||
client_version: latest
|
client: openssh-clients
|
||||||
dig_pkg: bind-utils
|
client_version: latest
|
||||||
dsa:
|
dig_pkg: bind-utils
|
||||||
private_key: '-----BEGIN DSA PRIVATE KEY-----
|
dsa:
|
||||||
|
private_key: '-----BEGIN DSA PRIVATE KEY-----
|
||||||
|
|
||||||
NOT_DEFINED
|
NOT_DEFINED
|
||||||
|
|
||||||
-----END DSA PRIVATE KEY-----
|
-----END DSA PRIVATE KEY-----
|
||||||
'
|
'
|
||||||
public_key: 'ssh-dss NOT_DEFINED
|
public_key: 'ssh-dss NOT_DEFINED
|
||||||
'
|
'
|
||||||
ecdsa:
|
ecdsa:
|
||||||
private_key: '-----BEGIN EC PRIVATE KEY-----
|
private_key: '-----BEGIN EC PRIVATE KEY-----
|
||||||
|
|
||||||
NOT_DEFINED
|
NOT_DEFINED
|
||||||
|
|
||||||
-----END EC PRIVATE KEY-----
|
-----END EC PRIVATE KEY-----
|
||||||
'
|
'
|
||||||
public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED
|
public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED
|
||||||
'
|
'
|
||||||
ed25519:
|
ed25519:
|
||||||
private_key: '-----BEGIN OPENSSH PRIVATE KEY-----
|
private_key: '-----BEGIN OPENSSH PRIVATE KEY-----
|
||||||
|
|
||||||
NOT_DEFINED
|
NOT_DEFINED
|
||||||
|
|
||||||
-----END OPENSSH PRIVATE KEY-----
|
-----END OPENSSH PRIVATE KEY-----
|
||||||
'
|
'
|
||||||
public_key: 'ssh-ed25519 NOT_DEFINED
|
public_key: 'ssh-ed25519 NOT_DEFINED
|
||||||
'
|
'
|
||||||
enforce_rsa_size: false
|
enforce_rsa_size: false
|
||||||
generate_dsa_keys: false
|
generate_dsa_keys: false
|
||||||
generate_ecdsa_keys: false
|
generate_ecdsa_keys: false
|
||||||
generate_ed25519_keys: false
|
generate_ed25519_keys: false
|
||||||
generate_rsa_keys: false
|
generate_rsa_keys: false
|
||||||
generate_rsa_size: 4096
|
generate_rsa_size: 4096
|
||||||
host_key_algos: ecdsa,rsa
|
host_key_algos: ecdsa,rsa
|
||||||
known_hosts:
|
known_hosts:
|
||||||
aliases:
|
aliases:
|
||||||
- cname-to-minion.example.org
|
- cname-to-minion.example.org
|
||||||
- alias.example.org
|
- alias.example.org
|
||||||
hostnames: false
|
hostnames: false
|
||||||
include_localhost: false
|
include_localhost: false
|
||||||
mine_hostname_function: public_ssh_hostname
|
mine_hostname_function: public_ssh_hostname
|
||||||
mine_keys_function: public_ssh_host_keys
|
mine_keys_function: public_ssh_host_keys
|
||||||
omit_ip_address:
|
omit_ip_address:
|
||||||
- github.com
|
- github.com
|
||||||
salt_ssh:
|
salt_ssh:
|
||||||
public_ssh_host_keys:
|
public_ssh_host_keys:
|
||||||
minion.id: 'ssh-rsa [...]
|
minion.id: 'ssh-rsa [...]
|
||||||
|
|
||||||
ssh-ed25519 [...]
|
ssh-ed25519 [...]
|
||||||
'
|
'
|
||||||
public_ssh_host_names:
|
public_ssh_host_names:
|
||||||
minion.id:
|
minion.id:
|
||||||
- minion.id
|
- minion.id
|
||||||
- alias.of.minion.id
|
- alias.of.minion.id
|
||||||
user: salt-master
|
user: salt-master
|
||||||
static:
|
static:
|
||||||
github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...]
|
github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...]
|
||||||
gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...]
|
gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...]
|
||||||
target: '*'
|
target: '*'
|
||||||
tgt_type: glob
|
tgt_type: glob
|
||||||
moduli: '# Time Type Tests Tries Size Generator Modulus
|
moduli: '# Time Type Tests Tries Size Generator Modulus
|
||||||
|
|
||||||
20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63
|
20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63
|
||||||
|
|
||||||
20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB
|
20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB
|
||||||
|
|
||||||
20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53
|
20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53
|
||||||
|
|
||||||
20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F
|
20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F
|
||||||
'
|
'
|
||||||
provide_dsa_keys: false
|
provide_dsa_keys: false
|
||||||
provide_ecdsa_keys: false
|
provide_ecdsa_keys: false
|
||||||
provide_ed25519_keys: false
|
provide_ed25519_keys: false
|
||||||
provide_rsa_keys: false
|
provide_rsa_keys: false
|
||||||
root_group: root
|
root_group: root
|
||||||
rsa:
|
rsa:
|
||||||
private_key: '-----BEGIN RSA PRIVATE KEY-----
|
private_key: '-----BEGIN RSA PRIVATE KEY-----
|
||||||
|
|
||||||
NOT_DEFINED
|
NOT_DEFINED
|
||||||
|
|
||||||
-----END RSA PRIVATE KEY-----
|
-----END RSA PRIVATE KEY-----
|
||||||
'
|
'
|
||||||
public_key: 'ssh-rsa NOT_DEFINED
|
public_key: 'ssh-rsa NOT_DEFINED
|
||||||
'
|
'
|
||||||
server: openssh-server
|
server: openssh-server
|
||||||
server_version: latest
|
server_version: latest
|
||||||
service: sshd
|
service: sshd
|
||||||
ssh_config: /etc/ssh/ssh_config
|
ssh_config: /etc/ssh/ssh_config
|
||||||
ssh_config_backup: true
|
ssh_config_backup: true
|
||||||
ssh_config_group: root
|
ssh_config_group: root
|
||||||
ssh_config_mode: '644'
|
ssh_config_mode: '644'
|
||||||
ssh_config_src: ssh_config
|
ssh_config_src: ssh_config
|
||||||
ssh_config_user: root
|
ssh_config_user: root
|
||||||
ssh_known_hosts: /etc/ssh/ssh_known_hosts
|
ssh_known_hosts: /etc/ssh/ssh_known_hosts
|
||||||
ssh_known_hosts_src: ssh_known_hosts
|
ssh_known_hosts_src: ssh_known_hosts
|
||||||
ssh_moduli: /etc/ssh/moduli
|
ssh_moduli: /etc/ssh/moduli
|
||||||
sshd_binary: /usr/sbin/sshd
|
sshd_binary: /usr/sbin/sshd
|
||||||
sshd_config: /etc/ssh/sshd_config
|
sshd_config: /etc/ssh/sshd_config
|
||||||
sshd_config_backup: true
|
sshd_config_backup: true
|
||||||
sshd_config_group: root
|
sshd_config_group: root
|
||||||
sshd_config_mode: '644'
|
sshd_config_mode: '644'
|
||||||
sshd_config_src: sshd_config
|
sshd_config_src: sshd_config
|
||||||
sshd_config_user: root
|
sshd_config_user: root
|
||||||
sshd_enable: true
|
sshd_enable: true
|
||||||
tofs:
|
tofs:
|
||||||
source_files:
|
source_files:
|
||||||
manage ssh_known_hosts file:
|
manage ssh_known_hosts file:
|
||||||
- alt_ssh_known_hosts
|
- alt_ssh_known_hosts
|
||||||
ssh_config:
|
ssh_config:
|
||||||
- alt_ssh_config
|
- alt_ssh_config
|
||||||
sshd_banner:
|
sshd_banner:
|
||||||
- fire_banner
|
- fire_banner
|
||||||
sshd_config:
|
sshd_config:
|
||||||
- alt_sshd_config
|
- alt_sshd_config
|
||||||
ssh_config:
|
ssh_config:
|
||||||
Hosts:
|
Hosts:
|
||||||
'*':
|
'*':
|
||||||
GSSAPIAuthentication: 'yes'
|
GSSAPIAuthentication: 'yes'
|
||||||
HashKnownHosts: 'yes'
|
HashKnownHosts: 'yes'
|
||||||
SendEnv: LANG LC_*
|
SendEnv: LANG LC_*
|
||||||
sshd_config:
|
sshd_config:
|
||||||
AcceptEnv: LANG LC_*
|
AcceptEnv: LANG LC_*
|
||||||
ChallengeResponseAuthentication: 'no'
|
ChallengeResponseAuthentication: 'no'
|
||||||
PrintMotd: 'no'
|
PrintMotd: 'no'
|
||||||
Subsystem: sftp /usr/lib/openssh/sftp-server
|
Subsystem: sftp /usr/lib/openssh/sftp-server
|
||||||
UsePAM: 'yes'
|
UsePAM: 'yes'
|
||||||
X11Forwarding: 'yes'
|
X11Forwarding: 'yes'
|
||||||
|
|||||||
@ -1,176 +1,177 @@
|
|||||||
# yamllint disable rule:indentation rule:line-length
|
# yamllint disable rule:indentation rule:line-length
|
||||||
# CentOS Linux-7
|
# CentOS Linux-7
|
||||||
---
|
---
|
||||||
map_jinja:
|
values:
|
||||||
config_get_roots:
|
map_jinja:
|
||||||
- openssh
|
config_get_roots:
|
||||||
- sshd_config
|
- openssh
|
||||||
- ssh_config
|
- sshd_config
|
||||||
openssh:
|
- ssh_config
|
||||||
absent_dsa_keys: false
|
openssh:
|
||||||
absent_ecdsa_keys: false
|
absent_dsa_keys: false
|
||||||
absent_ed25519_keys: false
|
absent_ecdsa_keys: false
|
||||||
absent_rsa_keys: false
|
absent_ed25519_keys: false
|
||||||
auth:
|
absent_rsa_keys: false
|
||||||
joe-non-valid-ssh-key:
|
auth:
|
||||||
- comment: obsolete key - removed
|
joe-non-valid-ssh-key:
|
||||||
enc: ssh-rsa
|
- comment: obsolete key - removed
|
||||||
present: false
|
enc: ssh-rsa
|
||||||
source: salt://ssh_keys/joe.no-valid.pub
|
present: false
|
||||||
user: joe
|
source: salt://ssh_keys/joe.no-valid.pub
|
||||||
joe-valid-ssh-key-desktop:
|
user: joe
|
||||||
- comment: main key - desktop
|
joe-valid-ssh-key-desktop:
|
||||||
enc: ssh-rsa
|
- comment: main key - desktop
|
||||||
present: true
|
enc: ssh-rsa
|
||||||
source: salt://ssh_keys/joe.desktop.pub
|
present: true
|
||||||
user: joe
|
source: salt://ssh_keys/joe.desktop.pub
|
||||||
joe-valid-ssh-key-notebook:
|
user: joe
|
||||||
- comment: main key - notebook
|
joe-valid-ssh-key-notebook:
|
||||||
enc: ssh-rsa
|
- comment: main key - notebook
|
||||||
present: true
|
enc: ssh-rsa
|
||||||
source: salt://ssh_keys/joe.netbook.pub
|
present: true
|
||||||
user: joe
|
source: salt://ssh_keys/joe.netbook.pub
|
||||||
auth_map:
|
user: joe
|
||||||
personal_keys:
|
auth_map:
|
||||||
source: salt://ssh_keys
|
personal_keys:
|
||||||
users:
|
source: salt://ssh_keys
|
||||||
joe:
|
users:
|
||||||
joe.desktop: {}
|
joe:
|
||||||
joe.netbook:
|
joe.desktop: {}
|
||||||
options: []
|
joe.netbook:
|
||||||
joe.no-valid:
|
options: []
|
||||||
present: false
|
joe.no-valid:
|
||||||
banner: /etc/ssh/banner
|
present: false
|
||||||
banner_src: banner
|
banner: /etc/ssh/banner
|
||||||
banner_string: 'Welcome to example.net!
|
banner_src: banner
|
||||||
'
|
banner_string: 'Welcome to example.net!
|
||||||
client: openssh-clients
|
'
|
||||||
client_version: latest
|
client: openssh-clients
|
||||||
dig_pkg: bind-utils
|
client_version: latest
|
||||||
dsa:
|
dig_pkg: bind-utils
|
||||||
private_key: '-----BEGIN DSA PRIVATE KEY-----
|
dsa:
|
||||||
|
private_key: '-----BEGIN DSA PRIVATE KEY-----
|
||||||
|
|
||||||
NOT_DEFINED
|
NOT_DEFINED
|
||||||
|
|
||||||
-----END DSA PRIVATE KEY-----
|
-----END DSA PRIVATE KEY-----
|
||||||
'
|
'
|
||||||
public_key: 'ssh-dss NOT_DEFINED
|
public_key: 'ssh-dss NOT_DEFINED
|
||||||
'
|
'
|
||||||
ecdsa:
|
ecdsa:
|
||||||
private_key: '-----BEGIN EC PRIVATE KEY-----
|
private_key: '-----BEGIN EC PRIVATE KEY-----
|
||||||
|
|
||||||
NOT_DEFINED
|
NOT_DEFINED
|
||||||
|
|
||||||
-----END EC PRIVATE KEY-----
|
-----END EC PRIVATE KEY-----
|
||||||
'
|
'
|
||||||
public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED
|
public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED
|
||||||
'
|
'
|
||||||
ed25519:
|
ed25519:
|
||||||
private_key: '-----BEGIN OPENSSH PRIVATE KEY-----
|
private_key: '-----BEGIN OPENSSH PRIVATE KEY-----
|
||||||
|
|
||||||
NOT_DEFINED
|
NOT_DEFINED
|
||||||
|
|
||||||
-----END OPENSSH PRIVATE KEY-----
|
-----END OPENSSH PRIVATE KEY-----
|
||||||
'
|
'
|
||||||
public_key: 'ssh-ed25519 NOT_DEFINED
|
public_key: 'ssh-ed25519 NOT_DEFINED
|
||||||
'
|
'
|
||||||
enforce_rsa_size: false
|
enforce_rsa_size: false
|
||||||
generate_dsa_keys: false
|
generate_dsa_keys: false
|
||||||
generate_ecdsa_keys: false
|
generate_ecdsa_keys: false
|
||||||
generate_ed25519_keys: false
|
generate_ed25519_keys: false
|
||||||
generate_rsa_keys: false
|
generate_rsa_keys: false
|
||||||
generate_rsa_size: 4096
|
generate_rsa_size: 4096
|
||||||
host_key_algos: ecdsa,ed25519,rsa
|
host_key_algos: ecdsa,ed25519,rsa
|
||||||
known_hosts:
|
known_hosts:
|
||||||
aliases:
|
aliases:
|
||||||
- cname-to-minion.example.org
|
- cname-to-minion.example.org
|
||||||
- alias.example.org
|
- alias.example.org
|
||||||
hostnames: false
|
hostnames: false
|
||||||
include_localhost: false
|
include_localhost: false
|
||||||
mine_hostname_function: public_ssh_hostname
|
mine_hostname_function: public_ssh_hostname
|
||||||
mine_keys_function: public_ssh_host_keys
|
mine_keys_function: public_ssh_host_keys
|
||||||
omit_ip_address:
|
omit_ip_address:
|
||||||
- github.com
|
- github.com
|
||||||
salt_ssh:
|
salt_ssh:
|
||||||
public_ssh_host_keys:
|
public_ssh_host_keys:
|
||||||
minion.id: 'ssh-rsa [...]
|
minion.id: 'ssh-rsa [...]
|
||||||
|
|
||||||
ssh-ed25519 [...]
|
ssh-ed25519 [...]
|
||||||
'
|
'
|
||||||
public_ssh_host_names:
|
public_ssh_host_names:
|
||||||
minion.id:
|
minion.id:
|
||||||
- minion.id
|
- minion.id
|
||||||
- alias.of.minion.id
|
- alias.of.minion.id
|
||||||
user: salt-master
|
user: salt-master
|
||||||
static:
|
static:
|
||||||
github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...]
|
github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...]
|
||||||
gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...]
|
gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...]
|
||||||
target: '*'
|
target: '*'
|
||||||
tgt_type: glob
|
tgt_type: glob
|
||||||
moduli: '# Time Type Tests Tries Size Generator Modulus
|
moduli: '# Time Type Tests Tries Size Generator Modulus
|
||||||
|
|
||||||
20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63
|
20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63
|
||||||
|
|
||||||
20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB
|
20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB
|
||||||
|
|
||||||
20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53
|
20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53
|
||||||
|
|
||||||
20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F
|
20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F
|
||||||
'
|
'
|
||||||
provide_dsa_keys: false
|
provide_dsa_keys: false
|
||||||
provide_ecdsa_keys: false
|
provide_ecdsa_keys: false
|
||||||
provide_ed25519_keys: false
|
provide_ed25519_keys: false
|
||||||
provide_rsa_keys: false
|
provide_rsa_keys: false
|
||||||
root_group: root
|
root_group: root
|
||||||
rsa:
|
rsa:
|
||||||
private_key: '-----BEGIN RSA PRIVATE KEY-----
|
private_key: '-----BEGIN RSA PRIVATE KEY-----
|
||||||
|
|
||||||
NOT_DEFINED
|
NOT_DEFINED
|
||||||
|
|
||||||
-----END RSA PRIVATE KEY-----
|
-----END RSA PRIVATE KEY-----
|
||||||
'
|
'
|
||||||
public_key: 'ssh-rsa NOT_DEFINED
|
public_key: 'ssh-rsa NOT_DEFINED
|
||||||
'
|
'
|
||||||
server: openssh-server
|
server: openssh-server
|
||||||
server_version: latest
|
server_version: latest
|
||||||
service: sshd
|
service: sshd
|
||||||
ssh_config: /etc/ssh/ssh_config
|
ssh_config: /etc/ssh/ssh_config
|
||||||
ssh_config_backup: true
|
ssh_config_backup: true
|
||||||
ssh_config_group: root
|
ssh_config_group: root
|
||||||
ssh_config_mode: '644'
|
ssh_config_mode: '644'
|
||||||
ssh_config_src: ssh_config
|
ssh_config_src: ssh_config
|
||||||
ssh_config_user: root
|
ssh_config_user: root
|
||||||
ssh_known_hosts: /etc/ssh/ssh_known_hosts
|
ssh_known_hosts: /etc/ssh/ssh_known_hosts
|
||||||
ssh_known_hosts_src: ssh_known_hosts
|
ssh_known_hosts_src: ssh_known_hosts
|
||||||
ssh_moduli: /etc/ssh/moduli
|
ssh_moduli: /etc/ssh/moduli
|
||||||
sshd_binary: /usr/sbin/sshd
|
sshd_binary: /usr/sbin/sshd
|
||||||
sshd_config: /etc/ssh/sshd_config
|
sshd_config: /etc/ssh/sshd_config
|
||||||
sshd_config_backup: true
|
sshd_config_backup: true
|
||||||
sshd_config_group: root
|
sshd_config_group: root
|
||||||
sshd_config_mode: '644'
|
sshd_config_mode: '644'
|
||||||
sshd_config_src: sshd_config
|
sshd_config_src: sshd_config
|
||||||
sshd_config_user: root
|
sshd_config_user: root
|
||||||
sshd_enable: true
|
sshd_enable: true
|
||||||
tofs:
|
tofs:
|
||||||
source_files:
|
source_files:
|
||||||
manage ssh_known_hosts file:
|
manage ssh_known_hosts file:
|
||||||
- alt_ssh_known_hosts
|
- alt_ssh_known_hosts
|
||||||
ssh_config:
|
ssh_config:
|
||||||
- alt_ssh_config
|
- alt_ssh_config
|
||||||
sshd_banner:
|
sshd_banner:
|
||||||
- fire_banner
|
- fire_banner
|
||||||
sshd_config:
|
sshd_config:
|
||||||
- alt_sshd_config
|
- alt_sshd_config
|
||||||
ssh_config:
|
ssh_config:
|
||||||
Hosts:
|
Hosts:
|
||||||
'*':
|
'*':
|
||||||
GSSAPIAuthentication: 'yes'
|
GSSAPIAuthentication: 'yes'
|
||||||
HashKnownHosts: 'yes'
|
HashKnownHosts: 'yes'
|
||||||
SendEnv: LANG LC_*
|
SendEnv: LANG LC_*
|
||||||
sshd_config:
|
sshd_config:
|
||||||
AcceptEnv: LANG LC_*
|
AcceptEnv: LANG LC_*
|
||||||
ChallengeResponseAuthentication: 'no'
|
ChallengeResponseAuthentication: 'no'
|
||||||
PrintMotd: 'no'
|
PrintMotd: 'no'
|
||||||
Subsystem: sftp /usr/lib/openssh/sftp-server
|
Subsystem: sftp /usr/lib/openssh/sftp-server
|
||||||
UsePAM: 'yes'
|
UsePAM: 'yes'
|
||||||
X11Forwarding: 'yes'
|
X11Forwarding: 'yes'
|
||||||
|
|||||||
@ -1,176 +1,177 @@
|
|||||||
# yamllint disable rule:indentation rule:line-length
|
# yamllint disable rule:indentation rule:line-length
|
||||||
# CentOS Linux-8
|
# CentOS Linux-8
|
||||||
---
|
---
|
||||||
map_jinja:
|
values:
|
||||||
config_get_roots:
|
map_jinja:
|
||||||
- openssh
|
config_get_roots:
|
||||||
- sshd_config
|
- openssh
|
||||||
- ssh_config
|
- sshd_config
|
||||||
openssh:
|
- ssh_config
|
||||||
absent_dsa_keys: false
|
openssh:
|
||||||
absent_ecdsa_keys: false
|
absent_dsa_keys: false
|
||||||
absent_ed25519_keys: false
|
absent_ecdsa_keys: false
|
||||||
absent_rsa_keys: false
|
absent_ed25519_keys: false
|
||||||
auth:
|
absent_rsa_keys: false
|
||||||
joe-non-valid-ssh-key:
|
auth:
|
||||||
- comment: obsolete key - removed
|
joe-non-valid-ssh-key:
|
||||||
enc: ssh-rsa
|
- comment: obsolete key - removed
|
||||||
present: false
|
enc: ssh-rsa
|
||||||
source: salt://ssh_keys/joe.no-valid.pub
|
present: false
|
||||||
user: joe
|
source: salt://ssh_keys/joe.no-valid.pub
|
||||||
joe-valid-ssh-key-desktop:
|
user: joe
|
||||||
- comment: main key - desktop
|
joe-valid-ssh-key-desktop:
|
||||||
enc: ssh-rsa
|
- comment: main key - desktop
|
||||||
present: true
|
enc: ssh-rsa
|
||||||
source: salt://ssh_keys/joe.desktop.pub
|
present: true
|
||||||
user: joe
|
source: salt://ssh_keys/joe.desktop.pub
|
||||||
joe-valid-ssh-key-notebook:
|
user: joe
|
||||||
- comment: main key - notebook
|
joe-valid-ssh-key-notebook:
|
||||||
enc: ssh-rsa
|
- comment: main key - notebook
|
||||||
present: true
|
enc: ssh-rsa
|
||||||
source: salt://ssh_keys/joe.netbook.pub
|
present: true
|
||||||
user: joe
|
source: salt://ssh_keys/joe.netbook.pub
|
||||||
auth_map:
|
user: joe
|
||||||
personal_keys:
|
auth_map:
|
||||||
source: salt://ssh_keys
|
personal_keys:
|
||||||
users:
|
source: salt://ssh_keys
|
||||||
joe:
|
users:
|
||||||
joe.desktop: {}
|
joe:
|
||||||
joe.netbook:
|
joe.desktop: {}
|
||||||
options: []
|
joe.netbook:
|
||||||
joe.no-valid:
|
options: []
|
||||||
present: false
|
joe.no-valid:
|
||||||
banner: /etc/ssh/banner
|
present: false
|
||||||
banner_src: banner
|
banner: /etc/ssh/banner
|
||||||
banner_string: 'Welcome to example.net!
|
banner_src: banner
|
||||||
'
|
banner_string: 'Welcome to example.net!
|
||||||
client: openssh-clients
|
'
|
||||||
client_version: latest
|
client: openssh-clients
|
||||||
dig_pkg: bind-utils
|
client_version: latest
|
||||||
dsa:
|
dig_pkg: bind-utils
|
||||||
private_key: '-----BEGIN DSA PRIVATE KEY-----
|
dsa:
|
||||||
|
private_key: '-----BEGIN DSA PRIVATE KEY-----
|
||||||
|
|
||||||
NOT_DEFINED
|
NOT_DEFINED
|
||||||
|
|
||||||
-----END DSA PRIVATE KEY-----
|
-----END DSA PRIVATE KEY-----
|
||||||
'
|
'
|
||||||
public_key: 'ssh-dss NOT_DEFINED
|
public_key: 'ssh-dss NOT_DEFINED
|
||||||
'
|
'
|
||||||
ecdsa:
|
ecdsa:
|
||||||
private_key: '-----BEGIN EC PRIVATE KEY-----
|
private_key: '-----BEGIN EC PRIVATE KEY-----
|
||||||
|
|
||||||
NOT_DEFINED
|
NOT_DEFINED
|
||||||
|
|
||||||
-----END EC PRIVATE KEY-----
|
-----END EC PRIVATE KEY-----
|
||||||
'
|
'
|
||||||
public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED
|
public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED
|
||||||
'
|
'
|
||||||
ed25519:
|
ed25519:
|
||||||
private_key: '-----BEGIN OPENSSH PRIVATE KEY-----
|
private_key: '-----BEGIN OPENSSH PRIVATE KEY-----
|
||||||
|
|
||||||
NOT_DEFINED
|
NOT_DEFINED
|
||||||
|
|
||||||
-----END OPENSSH PRIVATE KEY-----
|
-----END OPENSSH PRIVATE KEY-----
|
||||||
'
|
'
|
||||||
public_key: 'ssh-ed25519 NOT_DEFINED
|
public_key: 'ssh-ed25519 NOT_DEFINED
|
||||||
'
|
'
|
||||||
enforce_rsa_size: false
|
enforce_rsa_size: false
|
||||||
generate_dsa_keys: false
|
generate_dsa_keys: false
|
||||||
generate_ecdsa_keys: false
|
generate_ecdsa_keys: false
|
||||||
generate_ed25519_keys: false
|
generate_ed25519_keys: false
|
||||||
generate_rsa_keys: false
|
generate_rsa_keys: false
|
||||||
generate_rsa_size: 4096
|
generate_rsa_size: 4096
|
||||||
host_key_algos: ecdsa,ed25519,rsa
|
host_key_algos: ecdsa,ed25519,rsa
|
||||||
known_hosts:
|
known_hosts:
|
||||||
aliases:
|
aliases:
|
||||||
- cname-to-minion.example.org
|
- cname-to-minion.example.org
|
||||||
- alias.example.org
|
- alias.example.org
|
||||||
hostnames: false
|
hostnames: false
|
||||||
include_localhost: false
|
include_localhost: false
|
||||||
mine_hostname_function: public_ssh_hostname
|
mine_hostname_function: public_ssh_hostname
|
||||||
mine_keys_function: public_ssh_host_keys
|
mine_keys_function: public_ssh_host_keys
|
||||||
omit_ip_address:
|
omit_ip_address:
|
||||||
- github.com
|
- github.com
|
||||||
salt_ssh:
|
salt_ssh:
|
||||||
public_ssh_host_keys:
|
public_ssh_host_keys:
|
||||||
minion.id: 'ssh-rsa [...]
|
minion.id: 'ssh-rsa [...]
|
||||||
|
|
||||||
ssh-ed25519 [...]
|
ssh-ed25519 [...]
|
||||||
'
|
'
|
||||||
public_ssh_host_names:
|
public_ssh_host_names:
|
||||||
minion.id:
|
minion.id:
|
||||||
- minion.id
|
- minion.id
|
||||||
- alias.of.minion.id
|
- alias.of.minion.id
|
||||||
user: salt-master
|
user: salt-master
|
||||||
static:
|
static:
|
||||||
github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...]
|
github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...]
|
||||||
gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...]
|
gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...]
|
||||||
target: '*'
|
target: '*'
|
||||||
tgt_type: glob
|
tgt_type: glob
|
||||||
moduli: '# Time Type Tests Tries Size Generator Modulus
|
moduli: '# Time Type Tests Tries Size Generator Modulus
|
||||||
|
|
||||||
20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63
|
20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63
|
||||||
|
|
||||||
20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB
|
20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB
|
||||||
|
|
||||||
20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53
|
20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53
|
||||||
|
|
||||||
20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F
|
20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F
|
||||||
'
|
'
|
||||||
provide_dsa_keys: false
|
provide_dsa_keys: false
|
||||||
provide_ecdsa_keys: false
|
provide_ecdsa_keys: false
|
||||||
provide_ed25519_keys: false
|
provide_ed25519_keys: false
|
||||||
provide_rsa_keys: false
|
provide_rsa_keys: false
|
||||||
root_group: root
|
root_group: root
|
||||||
rsa:
|
rsa:
|
||||||
private_key: '-----BEGIN RSA PRIVATE KEY-----
|
private_key: '-----BEGIN RSA PRIVATE KEY-----
|
||||||
|
|
||||||
NOT_DEFINED
|
NOT_DEFINED
|
||||||
|
|
||||||
-----END RSA PRIVATE KEY-----
|
-----END RSA PRIVATE KEY-----
|
||||||
'
|
'
|
||||||
public_key: 'ssh-rsa NOT_DEFINED
|
public_key: 'ssh-rsa NOT_DEFINED
|
||||||
'
|
'
|
||||||
server: openssh-server
|
server: openssh-server
|
||||||
server_version: latest
|
server_version: latest
|
||||||
service: sshd
|
service: sshd
|
||||||
ssh_config: /etc/ssh/ssh_config
|
ssh_config: /etc/ssh/ssh_config
|
||||||
ssh_config_backup: true
|
ssh_config_backup: true
|
||||||
ssh_config_group: root
|
ssh_config_group: root
|
||||||
ssh_config_mode: '644'
|
ssh_config_mode: '644'
|
||||||
ssh_config_src: ssh_config
|
ssh_config_src: ssh_config
|
||||||
ssh_config_user: root
|
ssh_config_user: root
|
||||||
ssh_known_hosts: /etc/ssh/ssh_known_hosts
|
ssh_known_hosts: /etc/ssh/ssh_known_hosts
|
||||||
ssh_known_hosts_src: ssh_known_hosts
|
ssh_known_hosts_src: ssh_known_hosts
|
||||||
ssh_moduli: /etc/ssh/moduli
|
ssh_moduli: /etc/ssh/moduli
|
||||||
sshd_binary: /usr/sbin/sshd
|
sshd_binary: /usr/sbin/sshd
|
||||||
sshd_config: /etc/ssh/sshd_config
|
sshd_config: /etc/ssh/sshd_config
|
||||||
sshd_config_backup: true
|
sshd_config_backup: true
|
||||||
sshd_config_group: root
|
sshd_config_group: root
|
||||||
sshd_config_mode: '644'
|
sshd_config_mode: '644'
|
||||||
sshd_config_src: sshd_config
|
sshd_config_src: sshd_config
|
||||||
sshd_config_user: root
|
sshd_config_user: root
|
||||||
sshd_enable: true
|
sshd_enable: true
|
||||||
tofs:
|
tofs:
|
||||||
source_files:
|
source_files:
|
||||||
manage ssh_known_hosts file:
|
manage ssh_known_hosts file:
|
||||||
- alt_ssh_known_hosts
|
- alt_ssh_known_hosts
|
||||||
ssh_config:
|
ssh_config:
|
||||||
- alt_ssh_config
|
- alt_ssh_config
|
||||||
sshd_banner:
|
sshd_banner:
|
||||||
- fire_banner
|
- fire_banner
|
||||||
sshd_config:
|
sshd_config:
|
||||||
- alt_sshd_config
|
- alt_sshd_config
|
||||||
ssh_config:
|
ssh_config:
|
||||||
Hosts:
|
Hosts:
|
||||||
'*':
|
'*':
|
||||||
GSSAPIAuthentication: 'yes'
|
GSSAPIAuthentication: 'yes'
|
||||||
HashKnownHosts: 'yes'
|
HashKnownHosts: 'yes'
|
||||||
SendEnv: LANG LC_*
|
SendEnv: LANG LC_*
|
||||||
sshd_config:
|
sshd_config:
|
||||||
AcceptEnv: LANG LC_*
|
AcceptEnv: LANG LC_*
|
||||||
ChallengeResponseAuthentication: 'no'
|
ChallengeResponseAuthentication: 'no'
|
||||||
PrintMotd: 'no'
|
PrintMotd: 'no'
|
||||||
Subsystem: sftp /usr/lib/openssh/sftp-server
|
Subsystem: sftp /usr/lib/openssh/sftp-server
|
||||||
UsePAM: 'yes'
|
UsePAM: 'yes'
|
||||||
X11Forwarding: 'yes'
|
X11Forwarding: 'yes'
|
||||||
|
|||||||
@ -1,176 +1,177 @@
|
|||||||
# yamllint disable rule:indentation rule:line-length
|
# yamllint disable rule:indentation rule:line-length
|
||||||
# Debian-10
|
# Debian-10
|
||||||
---
|
---
|
||||||
map_jinja:
|
values:
|
||||||
config_get_roots:
|
map_jinja:
|
||||||
- openssh
|
config_get_roots:
|
||||||
- sshd_config
|
- openssh
|
||||||
- ssh_config
|
- sshd_config
|
||||||
openssh:
|
- ssh_config
|
||||||
absent_dsa_keys: false
|
openssh:
|
||||||
absent_ecdsa_keys: false
|
absent_dsa_keys: false
|
||||||
absent_ed25519_keys: false
|
absent_ecdsa_keys: false
|
||||||
absent_rsa_keys: false
|
absent_ed25519_keys: false
|
||||||
auth:
|
absent_rsa_keys: false
|
||||||
joe-non-valid-ssh-key:
|
auth:
|
||||||
- comment: obsolete key - removed
|
joe-non-valid-ssh-key:
|
||||||
enc: ssh-rsa
|
- comment: obsolete key - removed
|
||||||
present: false
|
enc: ssh-rsa
|
||||||
source: salt://ssh_keys/joe.no-valid.pub
|
present: false
|
||||||
user: joe
|
source: salt://ssh_keys/joe.no-valid.pub
|
||||||
joe-valid-ssh-key-desktop:
|
user: joe
|
||||||
- comment: main key - desktop
|
joe-valid-ssh-key-desktop:
|
||||||
enc: ssh-rsa
|
- comment: main key - desktop
|
||||||
present: true
|
enc: ssh-rsa
|
||||||
source: salt://ssh_keys/joe.desktop.pub
|
present: true
|
||||||
user: joe
|
source: salt://ssh_keys/joe.desktop.pub
|
||||||
joe-valid-ssh-key-notebook:
|
user: joe
|
||||||
- comment: main key - notebook
|
joe-valid-ssh-key-notebook:
|
||||||
enc: ssh-rsa
|
- comment: main key - notebook
|
||||||
present: true
|
enc: ssh-rsa
|
||||||
source: salt://ssh_keys/joe.netbook.pub
|
present: true
|
||||||
user: joe
|
source: salt://ssh_keys/joe.netbook.pub
|
||||||
auth_map:
|
user: joe
|
||||||
personal_keys:
|
auth_map:
|
||||||
source: salt://ssh_keys
|
personal_keys:
|
||||||
users:
|
source: salt://ssh_keys
|
||||||
joe:
|
users:
|
||||||
joe.desktop: {}
|
joe:
|
||||||
joe.netbook:
|
joe.desktop: {}
|
||||||
options: []
|
joe.netbook:
|
||||||
joe.no-valid:
|
options: []
|
||||||
present: false
|
joe.no-valid:
|
||||||
banner: /etc/ssh/banner
|
present: false
|
||||||
banner_src: banner
|
banner: /etc/ssh/banner
|
||||||
banner_string: 'Welcome to example.net!
|
banner_src: banner
|
||||||
'
|
banner_string: 'Welcome to example.net!
|
||||||
client: openssh-client
|
'
|
||||||
client_version: latest
|
client: openssh-client
|
||||||
dig_pkg: dnsutils
|
client_version: latest
|
||||||
dsa:
|
dig_pkg: dnsutils
|
||||||
private_key: '-----BEGIN DSA PRIVATE KEY-----
|
dsa:
|
||||||
|
private_key: '-----BEGIN DSA PRIVATE KEY-----
|
||||||
|
|
||||||
NOT_DEFINED
|
NOT_DEFINED
|
||||||
|
|
||||||
-----END DSA PRIVATE KEY-----
|
-----END DSA PRIVATE KEY-----
|
||||||
'
|
'
|
||||||
public_key: 'ssh-dss NOT_DEFINED
|
public_key: 'ssh-dss NOT_DEFINED
|
||||||
'
|
'
|
||||||
ecdsa:
|
ecdsa:
|
||||||
private_key: '-----BEGIN EC PRIVATE KEY-----
|
private_key: '-----BEGIN EC PRIVATE KEY-----
|
||||||
|
|
||||||
NOT_DEFINED
|
NOT_DEFINED
|
||||||
|
|
||||||
-----END EC PRIVATE KEY-----
|
-----END EC PRIVATE KEY-----
|
||||||
'
|
'
|
||||||
public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED
|
public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED
|
||||||
'
|
'
|
||||||
ed25519:
|
ed25519:
|
||||||
private_key: '-----BEGIN OPENSSH PRIVATE KEY-----
|
private_key: '-----BEGIN OPENSSH PRIVATE KEY-----
|
||||||
|
|
||||||
NOT_DEFINED
|
NOT_DEFINED
|
||||||
|
|
||||||
-----END OPENSSH PRIVATE KEY-----
|
-----END OPENSSH PRIVATE KEY-----
|
||||||
'
|
'
|
||||||
public_key: 'ssh-ed25519 NOT_DEFINED
|
public_key: 'ssh-ed25519 NOT_DEFINED
|
||||||
'
|
'
|
||||||
enforce_rsa_size: false
|
enforce_rsa_size: false
|
||||||
generate_dsa_keys: false
|
generate_dsa_keys: false
|
||||||
generate_ecdsa_keys: false
|
generate_ecdsa_keys: false
|
||||||
generate_ed25519_keys: false
|
generate_ed25519_keys: false
|
||||||
generate_rsa_keys: false
|
generate_rsa_keys: false
|
||||||
generate_rsa_size: 4096
|
generate_rsa_size: 4096
|
||||||
host_key_algos: ecdsa,ed25519,rsa
|
host_key_algos: ecdsa,ed25519,rsa
|
||||||
known_hosts:
|
known_hosts:
|
||||||
aliases:
|
aliases:
|
||||||
- cname-to-minion.example.org
|
- cname-to-minion.example.org
|
||||||
- alias.example.org
|
- alias.example.org
|
||||||
hostnames: false
|
hostnames: false
|
||||||
include_localhost: false
|
include_localhost: false
|
||||||
mine_hostname_function: public_ssh_hostname
|
mine_hostname_function: public_ssh_hostname
|
||||||
mine_keys_function: public_ssh_host_keys
|
mine_keys_function: public_ssh_host_keys
|
||||||
omit_ip_address:
|
omit_ip_address:
|
||||||
- github.com
|
- github.com
|
||||||
salt_ssh:
|
salt_ssh:
|
||||||
public_ssh_host_keys:
|
public_ssh_host_keys:
|
||||||
minion.id: 'ssh-rsa [...]
|
minion.id: 'ssh-rsa [...]
|
||||||
|
|
||||||
ssh-ed25519 [...]
|
ssh-ed25519 [...]
|
||||||
'
|
'
|
||||||
public_ssh_host_names:
|
public_ssh_host_names:
|
||||||
minion.id:
|
minion.id:
|
||||||
- minion.id
|
- minion.id
|
||||||
- alias.of.minion.id
|
- alias.of.minion.id
|
||||||
user: salt-master
|
user: salt-master
|
||||||
static:
|
static:
|
||||||
github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...]
|
github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...]
|
||||||
gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...]
|
gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...]
|
||||||
target: '*'
|
target: '*'
|
||||||
tgt_type: glob
|
tgt_type: glob
|
||||||
moduli: '# Time Type Tests Tries Size Generator Modulus
|
moduli: '# Time Type Tests Tries Size Generator Modulus
|
||||||
|
|
||||||
20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63
|
20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63
|
||||||
|
|
||||||
20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB
|
20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB
|
||||||
|
|
||||||
20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53
|
20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53
|
||||||
|
|
||||||
20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F
|
20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F
|
||||||
'
|
'
|
||||||
provide_dsa_keys: false
|
provide_dsa_keys: false
|
||||||
provide_ecdsa_keys: false
|
provide_ecdsa_keys: false
|
||||||
provide_ed25519_keys: false
|
provide_ed25519_keys: false
|
||||||
provide_rsa_keys: false
|
provide_rsa_keys: false
|
||||||
root_group: root
|
root_group: root
|
||||||
rsa:
|
rsa:
|
||||||
private_key: '-----BEGIN RSA PRIVATE KEY-----
|
private_key: '-----BEGIN RSA PRIVATE KEY-----
|
||||||
|
|
||||||
NOT_DEFINED
|
NOT_DEFINED
|
||||||
|
|
||||||
-----END RSA PRIVATE KEY-----
|
-----END RSA PRIVATE KEY-----
|
||||||
'
|
'
|
||||||
public_key: 'ssh-rsa NOT_DEFINED
|
public_key: 'ssh-rsa NOT_DEFINED
|
||||||
'
|
'
|
||||||
server: openssh-server
|
server: openssh-server
|
||||||
server_version: latest
|
server_version: latest
|
||||||
service: ssh
|
service: ssh
|
||||||
ssh_config: /etc/ssh/ssh_config
|
ssh_config: /etc/ssh/ssh_config
|
||||||
ssh_config_backup: true
|
ssh_config_backup: true
|
||||||
ssh_config_group: root
|
ssh_config_group: root
|
||||||
ssh_config_mode: '644'
|
ssh_config_mode: '644'
|
||||||
ssh_config_src: ssh_config
|
ssh_config_src: ssh_config
|
||||||
ssh_config_user: root
|
ssh_config_user: root
|
||||||
ssh_known_hosts: /etc/ssh/ssh_known_hosts
|
ssh_known_hosts: /etc/ssh/ssh_known_hosts
|
||||||
ssh_known_hosts_src: ssh_known_hosts
|
ssh_known_hosts_src: ssh_known_hosts
|
||||||
ssh_moduli: /etc/ssh/moduli
|
ssh_moduli: /etc/ssh/moduli
|
||||||
sshd_binary: /usr/sbin/sshd
|
sshd_binary: /usr/sbin/sshd
|
||||||
sshd_config: /etc/ssh/sshd_config
|
sshd_config: /etc/ssh/sshd_config
|
||||||
sshd_config_backup: true
|
sshd_config_backup: true
|
||||||
sshd_config_group: root
|
sshd_config_group: root
|
||||||
sshd_config_mode: '644'
|
sshd_config_mode: '644'
|
||||||
sshd_config_src: sshd_config
|
sshd_config_src: sshd_config
|
||||||
sshd_config_user: root
|
sshd_config_user: root
|
||||||
sshd_enable: true
|
sshd_enable: true
|
||||||
tofs:
|
tofs:
|
||||||
source_files:
|
source_files:
|
||||||
manage ssh_known_hosts file:
|
manage ssh_known_hosts file:
|
||||||
- alt_ssh_known_hosts
|
- alt_ssh_known_hosts
|
||||||
ssh_config:
|
ssh_config:
|
||||||
- alt_ssh_config
|
- alt_ssh_config
|
||||||
sshd_banner:
|
sshd_banner:
|
||||||
- fire_banner
|
- fire_banner
|
||||||
sshd_config:
|
sshd_config:
|
||||||
- alt_sshd_config
|
- alt_sshd_config
|
||||||
ssh_config:
|
ssh_config:
|
||||||
Hosts:
|
Hosts:
|
||||||
'*':
|
'*':
|
||||||
GSSAPIAuthentication: 'yes'
|
GSSAPIAuthentication: 'yes'
|
||||||
HashKnownHosts: 'yes'
|
HashKnownHosts: 'yes'
|
||||||
SendEnv: LANG LC_*
|
SendEnv: LANG LC_*
|
||||||
sshd_config:
|
sshd_config:
|
||||||
AcceptEnv: LANG LC_*
|
AcceptEnv: LANG LC_*
|
||||||
ChallengeResponseAuthentication: 'no'
|
ChallengeResponseAuthentication: 'no'
|
||||||
PrintMotd: 'no'
|
PrintMotd: 'no'
|
||||||
Subsystem: sftp /usr/lib/openssh/sftp-server
|
Subsystem: sftp /usr/lib/openssh/sftp-server
|
||||||
UsePAM: 'yes'
|
UsePAM: 'yes'
|
||||||
X11Forwarding: 'yes'
|
X11Forwarding: 'yes'
|
||||||
|
|||||||
@ -1,176 +1,177 @@
|
|||||||
# yamllint disable rule:indentation rule:line-length
|
# yamllint disable rule:indentation rule:line-length
|
||||||
# Debian-9
|
# Debian-9
|
||||||
---
|
---
|
||||||
map_jinja:
|
values:
|
||||||
config_get_roots:
|
map_jinja:
|
||||||
- openssh
|
config_get_roots:
|
||||||
- sshd_config
|
- openssh
|
||||||
- ssh_config
|
- sshd_config
|
||||||
openssh:
|
- ssh_config
|
||||||
absent_dsa_keys: false
|
openssh:
|
||||||
absent_ecdsa_keys: false
|
absent_dsa_keys: false
|
||||||
absent_ed25519_keys: false
|
absent_ecdsa_keys: false
|
||||||
absent_rsa_keys: false
|
absent_ed25519_keys: false
|
||||||
auth:
|
absent_rsa_keys: false
|
||||||
joe-non-valid-ssh-key:
|
auth:
|
||||||
- comment: obsolete key - removed
|
joe-non-valid-ssh-key:
|
||||||
enc: ssh-rsa
|
- comment: obsolete key - removed
|
||||||
present: false
|
enc: ssh-rsa
|
||||||
source: salt://ssh_keys/joe.no-valid.pub
|
present: false
|
||||||
user: joe
|
source: salt://ssh_keys/joe.no-valid.pub
|
||||||
joe-valid-ssh-key-desktop:
|
user: joe
|
||||||
- comment: main key - desktop
|
joe-valid-ssh-key-desktop:
|
||||||
enc: ssh-rsa
|
- comment: main key - desktop
|
||||||
present: true
|
enc: ssh-rsa
|
||||||
source: salt://ssh_keys/joe.desktop.pub
|
present: true
|
||||||
user: joe
|
source: salt://ssh_keys/joe.desktop.pub
|
||||||
joe-valid-ssh-key-notebook:
|
user: joe
|
||||||
- comment: main key - notebook
|
joe-valid-ssh-key-notebook:
|
||||||
enc: ssh-rsa
|
- comment: main key - notebook
|
||||||
present: true
|
enc: ssh-rsa
|
||||||
source: salt://ssh_keys/joe.netbook.pub
|
present: true
|
||||||
user: joe
|
source: salt://ssh_keys/joe.netbook.pub
|
||||||
auth_map:
|
user: joe
|
||||||
personal_keys:
|
auth_map:
|
||||||
source: salt://ssh_keys
|
personal_keys:
|
||||||
users:
|
source: salt://ssh_keys
|
||||||
joe:
|
users:
|
||||||
joe.desktop: {}
|
joe:
|
||||||
joe.netbook:
|
joe.desktop: {}
|
||||||
options: []
|
joe.netbook:
|
||||||
joe.no-valid:
|
options: []
|
||||||
present: false
|
joe.no-valid:
|
||||||
banner: /etc/ssh/banner
|
present: false
|
||||||
banner_src: banner
|
banner: /etc/ssh/banner
|
||||||
banner_string: 'Welcome to example.net!
|
banner_src: banner
|
||||||
'
|
banner_string: 'Welcome to example.net!
|
||||||
client: openssh-client
|
'
|
||||||
client_version: latest
|
client: openssh-client
|
||||||
dig_pkg: dnsutils
|
client_version: latest
|
||||||
dsa:
|
dig_pkg: dnsutils
|
||||||
private_key: '-----BEGIN DSA PRIVATE KEY-----
|
dsa:
|
||||||
|
private_key: '-----BEGIN DSA PRIVATE KEY-----
|
||||||
|
|
||||||
NOT_DEFINED
|
NOT_DEFINED
|
||||||
|
|
||||||
-----END DSA PRIVATE KEY-----
|
-----END DSA PRIVATE KEY-----
|
||||||
'
|
'
|
||||||
public_key: 'ssh-dss NOT_DEFINED
|
public_key: 'ssh-dss NOT_DEFINED
|
||||||
'
|
'
|
||||||
ecdsa:
|
ecdsa:
|
||||||
private_key: '-----BEGIN EC PRIVATE KEY-----
|
private_key: '-----BEGIN EC PRIVATE KEY-----
|
||||||
|
|
||||||
NOT_DEFINED
|
NOT_DEFINED
|
||||||
|
|
||||||
-----END EC PRIVATE KEY-----
|
-----END EC PRIVATE KEY-----
|
||||||
'
|
'
|
||||||
public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED
|
public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED
|
||||||
'
|
'
|
||||||
ed25519:
|
ed25519:
|
||||||
private_key: '-----BEGIN OPENSSH PRIVATE KEY-----
|
private_key: '-----BEGIN OPENSSH PRIVATE KEY-----
|
||||||
|
|
||||||
NOT_DEFINED
|
NOT_DEFINED
|
||||||
|
|
||||||
-----END OPENSSH PRIVATE KEY-----
|
-----END OPENSSH PRIVATE KEY-----
|
||||||
'
|
'
|
||||||
public_key: 'ssh-ed25519 NOT_DEFINED
|
public_key: 'ssh-ed25519 NOT_DEFINED
|
||||||
'
|
'
|
||||||
enforce_rsa_size: false
|
enforce_rsa_size: false
|
||||||
generate_dsa_keys: false
|
generate_dsa_keys: false
|
||||||
generate_ecdsa_keys: false
|
generate_ecdsa_keys: false
|
||||||
generate_ed25519_keys: false
|
generate_ed25519_keys: false
|
||||||
generate_rsa_keys: false
|
generate_rsa_keys: false
|
||||||
generate_rsa_size: 4096
|
generate_rsa_size: 4096
|
||||||
host_key_algos: ecdsa,ed25519,rsa
|
host_key_algos: ecdsa,ed25519,rsa
|
||||||
known_hosts:
|
known_hosts:
|
||||||
aliases:
|
aliases:
|
||||||
- cname-to-minion.example.org
|
- cname-to-minion.example.org
|
||||||
- alias.example.org
|
- alias.example.org
|
||||||
hostnames: false
|
hostnames: false
|
||||||
include_localhost: false
|
include_localhost: false
|
||||||
mine_hostname_function: public_ssh_hostname
|
mine_hostname_function: public_ssh_hostname
|
||||||
mine_keys_function: public_ssh_host_keys
|
mine_keys_function: public_ssh_host_keys
|
||||||
omit_ip_address:
|
omit_ip_address:
|
||||||
- github.com
|
- github.com
|
||||||
salt_ssh:
|
salt_ssh:
|
||||||
public_ssh_host_keys:
|
public_ssh_host_keys:
|
||||||
minion.id: 'ssh-rsa [...]
|
minion.id: 'ssh-rsa [...]
|
||||||
|
|
||||||
ssh-ed25519 [...]
|
ssh-ed25519 [...]
|
||||||
'
|
'
|
||||||
public_ssh_host_names:
|
public_ssh_host_names:
|
||||||
minion.id:
|
minion.id:
|
||||||
- minion.id
|
- minion.id
|
||||||
- alias.of.minion.id
|
- alias.of.minion.id
|
||||||
user: salt-master
|
user: salt-master
|
||||||
static:
|
static:
|
||||||
github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...]
|
github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...]
|
||||||
gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...]
|
gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...]
|
||||||
target: '*'
|
target: '*'
|
||||||
tgt_type: glob
|
tgt_type: glob
|
||||||
moduli: '# Time Type Tests Tries Size Generator Modulus
|
moduli: '# Time Type Tests Tries Size Generator Modulus
|
||||||
|
|
||||||
20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63
|
20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63
|
||||||
|
|
||||||
20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB
|
20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB
|
||||||
|
|
||||||
20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53
|
20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53
|
||||||
|
|
||||||
20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F
|
20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F
|
||||||
'
|
'
|
||||||
provide_dsa_keys: false
|
provide_dsa_keys: false
|
||||||
provide_ecdsa_keys: false
|
provide_ecdsa_keys: false
|
||||||
provide_ed25519_keys: false
|
provide_ed25519_keys: false
|
||||||
provide_rsa_keys: false
|
provide_rsa_keys: false
|
||||||
root_group: root
|
root_group: root
|
||||||
rsa:
|
rsa:
|
||||||
private_key: '-----BEGIN RSA PRIVATE KEY-----
|
private_key: '-----BEGIN RSA PRIVATE KEY-----
|
||||||
|
|
||||||
NOT_DEFINED
|
NOT_DEFINED
|
||||||
|
|
||||||
-----END RSA PRIVATE KEY-----
|
-----END RSA PRIVATE KEY-----
|
||||||
'
|
'
|
||||||
public_key: 'ssh-rsa NOT_DEFINED
|
public_key: 'ssh-rsa NOT_DEFINED
|
||||||
'
|
'
|
||||||
server: openssh-server
|
server: openssh-server
|
||||||
server_version: latest
|
server_version: latest
|
||||||
service: ssh
|
service: ssh
|
||||||
ssh_config: /etc/ssh/ssh_config
|
ssh_config: /etc/ssh/ssh_config
|
||||||
ssh_config_backup: true
|
ssh_config_backup: true
|
||||||
ssh_config_group: root
|
ssh_config_group: root
|
||||||
ssh_config_mode: '644'
|
ssh_config_mode: '644'
|
||||||
ssh_config_src: ssh_config
|
ssh_config_src: ssh_config
|
||||||
ssh_config_user: root
|
ssh_config_user: root
|
||||||
ssh_known_hosts: /etc/ssh/ssh_known_hosts
|
ssh_known_hosts: /etc/ssh/ssh_known_hosts
|
||||||
ssh_known_hosts_src: ssh_known_hosts
|
ssh_known_hosts_src: ssh_known_hosts
|
||||||
ssh_moduli: /etc/ssh/moduli
|
ssh_moduli: /etc/ssh/moduli
|
||||||
sshd_binary: /usr/sbin/sshd
|
sshd_binary: /usr/sbin/sshd
|
||||||
sshd_config: /etc/ssh/sshd_config
|
sshd_config: /etc/ssh/sshd_config
|
||||||
sshd_config_backup: true
|
sshd_config_backup: true
|
||||||
sshd_config_group: root
|
sshd_config_group: root
|
||||||
sshd_config_mode: '644'
|
sshd_config_mode: '644'
|
||||||
sshd_config_src: sshd_config
|
sshd_config_src: sshd_config
|
||||||
sshd_config_user: root
|
sshd_config_user: root
|
||||||
sshd_enable: true
|
sshd_enable: true
|
||||||
tofs:
|
tofs:
|
||||||
source_files:
|
source_files:
|
||||||
manage ssh_known_hosts file:
|
manage ssh_known_hosts file:
|
||||||
- alt_ssh_known_hosts
|
- alt_ssh_known_hosts
|
||||||
ssh_config:
|
ssh_config:
|
||||||
- alt_ssh_config
|
- alt_ssh_config
|
||||||
sshd_banner:
|
sshd_banner:
|
||||||
- fire_banner
|
- fire_banner
|
||||||
sshd_config:
|
sshd_config:
|
||||||
- alt_sshd_config
|
- alt_sshd_config
|
||||||
ssh_config:
|
ssh_config:
|
||||||
Hosts:
|
Hosts:
|
||||||
'*':
|
'*':
|
||||||
GSSAPIAuthentication: 'yes'
|
GSSAPIAuthentication: 'yes'
|
||||||
HashKnownHosts: 'yes'
|
HashKnownHosts: 'yes'
|
||||||
SendEnv: LANG LC_*
|
SendEnv: LANG LC_*
|
||||||
sshd_config:
|
sshd_config:
|
||||||
AcceptEnv: LANG LC_*
|
AcceptEnv: LANG LC_*
|
||||||
ChallengeResponseAuthentication: 'no'
|
ChallengeResponseAuthentication: 'no'
|
||||||
PrintMotd: 'no'
|
PrintMotd: 'no'
|
||||||
Subsystem: sftp /usr/lib/openssh/sftp-server
|
Subsystem: sftp /usr/lib/openssh/sftp-server
|
||||||
UsePAM: 'yes'
|
UsePAM: 'yes'
|
||||||
X11Forwarding: 'yes'
|
X11Forwarding: 'yes'
|
||||||
|
|||||||
@ -1,176 +1,177 @@
|
|||||||
# yamllint disable rule:indentation rule:line-length
|
# yamllint disable rule:indentation rule:line-length
|
||||||
# Fedora-31
|
# Fedora-31
|
||||||
---
|
---
|
||||||
map_jinja:
|
values:
|
||||||
config_get_roots:
|
map_jinja:
|
||||||
- openssh
|
config_get_roots:
|
||||||
- sshd_config
|
- openssh
|
||||||
- ssh_config
|
- sshd_config
|
||||||
openssh:
|
- ssh_config
|
||||||
absent_dsa_keys: false
|
openssh:
|
||||||
absent_ecdsa_keys: false
|
absent_dsa_keys: false
|
||||||
absent_ed25519_keys: false
|
absent_ecdsa_keys: false
|
||||||
absent_rsa_keys: false
|
absent_ed25519_keys: false
|
||||||
auth:
|
absent_rsa_keys: false
|
||||||
joe-non-valid-ssh-key:
|
auth:
|
||||||
- comment: obsolete key - removed
|
joe-non-valid-ssh-key:
|
||||||
enc: ssh-rsa
|
- comment: obsolete key - removed
|
||||||
present: false
|
enc: ssh-rsa
|
||||||
source: salt://ssh_keys/joe.no-valid.pub
|
present: false
|
||||||
user: joe
|
source: salt://ssh_keys/joe.no-valid.pub
|
||||||
joe-valid-ssh-key-desktop:
|
user: joe
|
||||||
- comment: main key - desktop
|
joe-valid-ssh-key-desktop:
|
||||||
enc: ssh-rsa
|
- comment: main key - desktop
|
||||||
present: true
|
enc: ssh-rsa
|
||||||
source: salt://ssh_keys/joe.desktop.pub
|
present: true
|
||||||
user: joe
|
source: salt://ssh_keys/joe.desktop.pub
|
||||||
joe-valid-ssh-key-notebook:
|
user: joe
|
||||||
- comment: main key - notebook
|
joe-valid-ssh-key-notebook:
|
||||||
enc: ssh-rsa
|
- comment: main key - notebook
|
||||||
present: true
|
enc: ssh-rsa
|
||||||
source: salt://ssh_keys/joe.netbook.pub
|
present: true
|
||||||
user: joe
|
source: salt://ssh_keys/joe.netbook.pub
|
||||||
auth_map:
|
user: joe
|
||||||
personal_keys:
|
auth_map:
|
||||||
source: salt://ssh_keys
|
personal_keys:
|
||||||
users:
|
source: salt://ssh_keys
|
||||||
joe:
|
users:
|
||||||
joe.desktop: {}
|
joe:
|
||||||
joe.netbook:
|
joe.desktop: {}
|
||||||
options: []
|
joe.netbook:
|
||||||
joe.no-valid:
|
options: []
|
||||||
present: false
|
joe.no-valid:
|
||||||
banner: /etc/ssh/banner
|
present: false
|
||||||
banner_src: banner
|
banner: /etc/ssh/banner
|
||||||
banner_string: 'Welcome to example.net!
|
banner_src: banner
|
||||||
'
|
banner_string: 'Welcome to example.net!
|
||||||
client: openssh-clients
|
'
|
||||||
client_version: latest
|
client: openssh-clients
|
||||||
dig_pkg: bind-utils
|
client_version: latest
|
||||||
dsa:
|
dig_pkg: bind-utils
|
||||||
private_key: '-----BEGIN DSA PRIVATE KEY-----
|
dsa:
|
||||||
|
private_key: '-----BEGIN DSA PRIVATE KEY-----
|
||||||
|
|
||||||
NOT_DEFINED
|
NOT_DEFINED
|
||||||
|
|
||||||
-----END DSA PRIVATE KEY-----
|
-----END DSA PRIVATE KEY-----
|
||||||
'
|
'
|
||||||
public_key: 'ssh-dss NOT_DEFINED
|
public_key: 'ssh-dss NOT_DEFINED
|
||||||
'
|
'
|
||||||
ecdsa:
|
ecdsa:
|
||||||
private_key: '-----BEGIN EC PRIVATE KEY-----
|
private_key: '-----BEGIN EC PRIVATE KEY-----
|
||||||
|
|
||||||
NOT_DEFINED
|
NOT_DEFINED
|
||||||
|
|
||||||
-----END EC PRIVATE KEY-----
|
-----END EC PRIVATE KEY-----
|
||||||
'
|
'
|
||||||
public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED
|
public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED
|
||||||
'
|
'
|
||||||
ed25519:
|
ed25519:
|
||||||
private_key: '-----BEGIN OPENSSH PRIVATE KEY-----
|
private_key: '-----BEGIN OPENSSH PRIVATE KEY-----
|
||||||
|
|
||||||
NOT_DEFINED
|
NOT_DEFINED
|
||||||
|
|
||||||
-----END OPENSSH PRIVATE KEY-----
|
-----END OPENSSH PRIVATE KEY-----
|
||||||
'
|
'
|
||||||
public_key: 'ssh-ed25519 NOT_DEFINED
|
public_key: 'ssh-ed25519 NOT_DEFINED
|
||||||
'
|
'
|
||||||
enforce_rsa_size: false
|
enforce_rsa_size: false
|
||||||
generate_dsa_keys: false
|
generate_dsa_keys: false
|
||||||
generate_ecdsa_keys: false
|
generate_ecdsa_keys: false
|
||||||
generate_ed25519_keys: false
|
generate_ed25519_keys: false
|
||||||
generate_rsa_keys: false
|
generate_rsa_keys: false
|
||||||
generate_rsa_size: 4096
|
generate_rsa_size: 4096
|
||||||
host_key_algos: ecdsa,ed25519,rsa
|
host_key_algos: ecdsa,ed25519,rsa
|
||||||
known_hosts:
|
known_hosts:
|
||||||
aliases:
|
aliases:
|
||||||
- cname-to-minion.example.org
|
- cname-to-minion.example.org
|
||||||
- alias.example.org
|
- alias.example.org
|
||||||
hostnames: false
|
hostnames: false
|
||||||
include_localhost: false
|
include_localhost: false
|
||||||
mine_hostname_function: public_ssh_hostname
|
mine_hostname_function: public_ssh_hostname
|
||||||
mine_keys_function: public_ssh_host_keys
|
mine_keys_function: public_ssh_host_keys
|
||||||
omit_ip_address:
|
omit_ip_address:
|
||||||
- github.com
|
- github.com
|
||||||
salt_ssh:
|
salt_ssh:
|
||||||
public_ssh_host_keys:
|
public_ssh_host_keys:
|
||||||
minion.id: 'ssh-rsa [...]
|
minion.id: 'ssh-rsa [...]
|
||||||
|
|
||||||
ssh-ed25519 [...]
|
ssh-ed25519 [...]
|
||||||
'
|
'
|
||||||
public_ssh_host_names:
|
public_ssh_host_names:
|
||||||
minion.id:
|
minion.id:
|
||||||
- minion.id
|
- minion.id
|
||||||
- alias.of.minion.id
|
- alias.of.minion.id
|
||||||
user: salt-master
|
user: salt-master
|
||||||
static:
|
static:
|
||||||
github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...]
|
github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...]
|
||||||
gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...]
|
gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...]
|
||||||
target: '*'
|
target: '*'
|
||||||
tgt_type: glob
|
tgt_type: glob
|
||||||
moduli: '# Time Type Tests Tries Size Generator Modulus
|
moduli: '# Time Type Tests Tries Size Generator Modulus
|
||||||
|
|
||||||
20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63
|
20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63
|
||||||
|
|
||||||
20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB
|
20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB
|
||||||
|
|
||||||
20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53
|
20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53
|
||||||
|
|
||||||
20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F
|
20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F
|
||||||
'
|
'
|
||||||
provide_dsa_keys: false
|
provide_dsa_keys: false
|
||||||
provide_ecdsa_keys: false
|
provide_ecdsa_keys: false
|
||||||
provide_ed25519_keys: false
|
provide_ed25519_keys: false
|
||||||
provide_rsa_keys: false
|
provide_rsa_keys: false
|
||||||
root_group: root
|
root_group: root
|
||||||
rsa:
|
rsa:
|
||||||
private_key: '-----BEGIN RSA PRIVATE KEY-----
|
private_key: '-----BEGIN RSA PRIVATE KEY-----
|
||||||
|
|
||||||
NOT_DEFINED
|
NOT_DEFINED
|
||||||
|
|
||||||
-----END RSA PRIVATE KEY-----
|
-----END RSA PRIVATE KEY-----
|
||||||
'
|
'
|
||||||
public_key: 'ssh-rsa NOT_DEFINED
|
public_key: 'ssh-rsa NOT_DEFINED
|
||||||
'
|
'
|
||||||
server: openssh-server
|
server: openssh-server
|
||||||
server_version: latest
|
server_version: latest
|
||||||
service: sshd
|
service: sshd
|
||||||
ssh_config: /etc/ssh/ssh_config
|
ssh_config: /etc/ssh/ssh_config
|
||||||
ssh_config_backup: true
|
ssh_config_backup: true
|
||||||
ssh_config_group: root
|
ssh_config_group: root
|
||||||
ssh_config_mode: '644'
|
ssh_config_mode: '644'
|
||||||
ssh_config_src: ssh_config
|
ssh_config_src: ssh_config
|
||||||
ssh_config_user: root
|
ssh_config_user: root
|
||||||
ssh_known_hosts: /etc/ssh/ssh_known_hosts
|
ssh_known_hosts: /etc/ssh/ssh_known_hosts
|
||||||
ssh_known_hosts_src: ssh_known_hosts
|
ssh_known_hosts_src: ssh_known_hosts
|
||||||
ssh_moduli: /etc/ssh/moduli
|
ssh_moduli: /etc/ssh/moduli
|
||||||
sshd_binary: /usr/sbin/sshd
|
sshd_binary: /usr/sbin/sshd
|
||||||
sshd_config: /etc/ssh/sshd_config
|
sshd_config: /etc/ssh/sshd_config
|
||||||
sshd_config_backup: true
|
sshd_config_backup: true
|
||||||
sshd_config_group: root
|
sshd_config_group: root
|
||||||
sshd_config_mode: '644'
|
sshd_config_mode: '644'
|
||||||
sshd_config_src: sshd_config
|
sshd_config_src: sshd_config
|
||||||
sshd_config_user: root
|
sshd_config_user: root
|
||||||
sshd_enable: true
|
sshd_enable: true
|
||||||
tofs:
|
tofs:
|
||||||
source_files:
|
source_files:
|
||||||
manage ssh_known_hosts file:
|
manage ssh_known_hosts file:
|
||||||
- alt_ssh_known_hosts
|
- alt_ssh_known_hosts
|
||||||
ssh_config:
|
ssh_config:
|
||||||
- alt_ssh_config
|
- alt_ssh_config
|
||||||
sshd_banner:
|
sshd_banner:
|
||||||
- fire_banner
|
- fire_banner
|
||||||
sshd_config:
|
sshd_config:
|
||||||
- alt_sshd_config
|
- alt_sshd_config
|
||||||
ssh_config:
|
ssh_config:
|
||||||
Hosts:
|
Hosts:
|
||||||
'*':
|
'*':
|
||||||
GSSAPIAuthentication: 'yes'
|
GSSAPIAuthentication: 'yes'
|
||||||
HashKnownHosts: 'yes'
|
HashKnownHosts: 'yes'
|
||||||
SendEnv: LANG LC_*
|
SendEnv: LANG LC_*
|
||||||
sshd_config:
|
sshd_config:
|
||||||
AcceptEnv: LANG LC_*
|
AcceptEnv: LANG LC_*
|
||||||
ChallengeResponseAuthentication: 'no'
|
ChallengeResponseAuthentication: 'no'
|
||||||
PrintMotd: 'no'
|
PrintMotd: 'no'
|
||||||
Subsystem: sftp /usr/lib/openssh/sftp-server
|
Subsystem: sftp /usr/lib/openssh/sftp-server
|
||||||
UsePAM: 'yes'
|
UsePAM: 'yes'
|
||||||
X11Forwarding: 'yes'
|
X11Forwarding: 'yes'
|
||||||
|
|||||||
@ -1,176 +1,177 @@
|
|||||||
# yamllint disable rule:indentation rule:line-length
|
# yamllint disable rule:indentation rule:line-length
|
||||||
# Fedora-32
|
# Fedora-32
|
||||||
---
|
---
|
||||||
map_jinja:
|
values:
|
||||||
config_get_roots:
|
map_jinja:
|
||||||
- openssh
|
config_get_roots:
|
||||||
- sshd_config
|
- openssh
|
||||||
- ssh_config
|
- sshd_config
|
||||||
openssh:
|
- ssh_config
|
||||||
absent_dsa_keys: false
|
openssh:
|
||||||
absent_ecdsa_keys: false
|
absent_dsa_keys: false
|
||||||
absent_ed25519_keys: false
|
absent_ecdsa_keys: false
|
||||||
absent_rsa_keys: false
|
absent_ed25519_keys: false
|
||||||
auth:
|
absent_rsa_keys: false
|
||||||
joe-non-valid-ssh-key:
|
auth:
|
||||||
- comment: obsolete key - removed
|
joe-non-valid-ssh-key:
|
||||||
enc: ssh-rsa
|
- comment: obsolete key - removed
|
||||||
present: false
|
enc: ssh-rsa
|
||||||
source: salt://ssh_keys/joe.no-valid.pub
|
present: false
|
||||||
user: joe
|
source: salt://ssh_keys/joe.no-valid.pub
|
||||||
joe-valid-ssh-key-desktop:
|
user: joe
|
||||||
- comment: main key - desktop
|
joe-valid-ssh-key-desktop:
|
||||||
enc: ssh-rsa
|
- comment: main key - desktop
|
||||||
present: true
|
enc: ssh-rsa
|
||||||
source: salt://ssh_keys/joe.desktop.pub
|
present: true
|
||||||
user: joe
|
source: salt://ssh_keys/joe.desktop.pub
|
||||||
joe-valid-ssh-key-notebook:
|
user: joe
|
||||||
- comment: main key - notebook
|
joe-valid-ssh-key-notebook:
|
||||||
enc: ssh-rsa
|
- comment: main key - notebook
|
||||||
present: true
|
enc: ssh-rsa
|
||||||
source: salt://ssh_keys/joe.netbook.pub
|
present: true
|
||||||
user: joe
|
source: salt://ssh_keys/joe.netbook.pub
|
||||||
auth_map:
|
user: joe
|
||||||
personal_keys:
|
auth_map:
|
||||||
source: salt://ssh_keys
|
personal_keys:
|
||||||
users:
|
source: salt://ssh_keys
|
||||||
joe:
|
users:
|
||||||
joe.desktop: {}
|
joe:
|
||||||
joe.netbook:
|
joe.desktop: {}
|
||||||
options: []
|
joe.netbook:
|
||||||
joe.no-valid:
|
options: []
|
||||||
present: false
|
joe.no-valid:
|
||||||
banner: /etc/ssh/banner
|
present: false
|
||||||
banner_src: banner
|
banner: /etc/ssh/banner
|
||||||
banner_string: 'Welcome to example.net!
|
banner_src: banner
|
||||||
'
|
banner_string: 'Welcome to example.net!
|
||||||
client: openssh-clients
|
'
|
||||||
client_version: latest
|
client: openssh-clients
|
||||||
dig_pkg: bind-utils
|
client_version: latest
|
||||||
dsa:
|
dig_pkg: bind-utils
|
||||||
private_key: '-----BEGIN DSA PRIVATE KEY-----
|
dsa:
|
||||||
|
private_key: '-----BEGIN DSA PRIVATE KEY-----
|
||||||
|
|
||||||
NOT_DEFINED
|
NOT_DEFINED
|
||||||
|
|
||||||
-----END DSA PRIVATE KEY-----
|
-----END DSA PRIVATE KEY-----
|
||||||
'
|
'
|
||||||
public_key: 'ssh-dss NOT_DEFINED
|
public_key: 'ssh-dss NOT_DEFINED
|
||||||
'
|
'
|
||||||
ecdsa:
|
ecdsa:
|
||||||
private_key: '-----BEGIN EC PRIVATE KEY-----
|
private_key: '-----BEGIN EC PRIVATE KEY-----
|
||||||
|
|
||||||
NOT_DEFINED
|
NOT_DEFINED
|
||||||
|
|
||||||
-----END EC PRIVATE KEY-----
|
-----END EC PRIVATE KEY-----
|
||||||
'
|
'
|
||||||
public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED
|
public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED
|
||||||
'
|
'
|
||||||
ed25519:
|
ed25519:
|
||||||
private_key: '-----BEGIN OPENSSH PRIVATE KEY-----
|
private_key: '-----BEGIN OPENSSH PRIVATE KEY-----
|
||||||
|
|
||||||
NOT_DEFINED
|
NOT_DEFINED
|
||||||
|
|
||||||
-----END OPENSSH PRIVATE KEY-----
|
-----END OPENSSH PRIVATE KEY-----
|
||||||
'
|
'
|
||||||
public_key: 'ssh-ed25519 NOT_DEFINED
|
public_key: 'ssh-ed25519 NOT_DEFINED
|
||||||
'
|
'
|
||||||
enforce_rsa_size: false
|
enforce_rsa_size: false
|
||||||
generate_dsa_keys: false
|
generate_dsa_keys: false
|
||||||
generate_ecdsa_keys: false
|
generate_ecdsa_keys: false
|
||||||
generate_ed25519_keys: false
|
generate_ed25519_keys: false
|
||||||
generate_rsa_keys: false
|
generate_rsa_keys: false
|
||||||
generate_rsa_size: 4096
|
generate_rsa_size: 4096
|
||||||
host_key_algos: ecdsa,ed25519,rsa
|
host_key_algos: ecdsa,ed25519,rsa
|
||||||
known_hosts:
|
known_hosts:
|
||||||
aliases:
|
aliases:
|
||||||
- cname-to-minion.example.org
|
- cname-to-minion.example.org
|
||||||
- alias.example.org
|
- alias.example.org
|
||||||
hostnames: false
|
hostnames: false
|
||||||
include_localhost: false
|
include_localhost: false
|
||||||
mine_hostname_function: public_ssh_hostname
|
mine_hostname_function: public_ssh_hostname
|
||||||
mine_keys_function: public_ssh_host_keys
|
mine_keys_function: public_ssh_host_keys
|
||||||
omit_ip_address:
|
omit_ip_address:
|
||||||
- github.com
|
- github.com
|
||||||
salt_ssh:
|
salt_ssh:
|
||||||
public_ssh_host_keys:
|
public_ssh_host_keys:
|
||||||
minion.id: 'ssh-rsa [...]
|
minion.id: 'ssh-rsa [...]
|
||||||
|
|
||||||
ssh-ed25519 [...]
|
ssh-ed25519 [...]
|
||||||
'
|
'
|
||||||
public_ssh_host_names:
|
public_ssh_host_names:
|
||||||
minion.id:
|
minion.id:
|
||||||
- minion.id
|
- minion.id
|
||||||
- alias.of.minion.id
|
- alias.of.minion.id
|
||||||
user: salt-master
|
user: salt-master
|
||||||
static:
|
static:
|
||||||
github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...]
|
github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...]
|
||||||
gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...]
|
gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...]
|
||||||
target: '*'
|
target: '*'
|
||||||
tgt_type: glob
|
tgt_type: glob
|
||||||
moduli: '# Time Type Tests Tries Size Generator Modulus
|
moduli: '# Time Type Tests Tries Size Generator Modulus
|
||||||
|
|
||||||
20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63
|
20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63
|
||||||
|
|
||||||
20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB
|
20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB
|
||||||
|
|
||||||
20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53
|
20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53
|
||||||
|
|
||||||
20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F
|
20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F
|
||||||
'
|
'
|
||||||
provide_dsa_keys: false
|
provide_dsa_keys: false
|
||||||
provide_ecdsa_keys: false
|
provide_ecdsa_keys: false
|
||||||
provide_ed25519_keys: false
|
provide_ed25519_keys: false
|
||||||
provide_rsa_keys: false
|
provide_rsa_keys: false
|
||||||
root_group: root
|
root_group: root
|
||||||
rsa:
|
rsa:
|
||||||
private_key: '-----BEGIN RSA PRIVATE KEY-----
|
private_key: '-----BEGIN RSA PRIVATE KEY-----
|
||||||
|
|
||||||
NOT_DEFINED
|
NOT_DEFINED
|
||||||
|
|
||||||
-----END RSA PRIVATE KEY-----
|
-----END RSA PRIVATE KEY-----
|
||||||
'
|
'
|
||||||
public_key: 'ssh-rsa NOT_DEFINED
|
public_key: 'ssh-rsa NOT_DEFINED
|
||||||
'
|
'
|
||||||
server: openssh-server
|
server: openssh-server
|
||||||
server_version: latest
|
server_version: latest
|
||||||
service: sshd
|
service: sshd
|
||||||
ssh_config: /etc/ssh/ssh_config
|
ssh_config: /etc/ssh/ssh_config
|
||||||
ssh_config_backup: true
|
ssh_config_backup: true
|
||||||
ssh_config_group: root
|
ssh_config_group: root
|
||||||
ssh_config_mode: '644'
|
ssh_config_mode: '644'
|
||||||
ssh_config_src: ssh_config
|
ssh_config_src: ssh_config
|
||||||
ssh_config_user: root
|
ssh_config_user: root
|
||||||
ssh_known_hosts: /etc/ssh/ssh_known_hosts
|
ssh_known_hosts: /etc/ssh/ssh_known_hosts
|
||||||
ssh_known_hosts_src: ssh_known_hosts
|
ssh_known_hosts_src: ssh_known_hosts
|
||||||
ssh_moduli: /etc/ssh/moduli
|
ssh_moduli: /etc/ssh/moduli
|
||||||
sshd_binary: /usr/sbin/sshd
|
sshd_binary: /usr/sbin/sshd
|
||||||
sshd_config: /etc/ssh/sshd_config
|
sshd_config: /etc/ssh/sshd_config
|
||||||
sshd_config_backup: true
|
sshd_config_backup: true
|
||||||
sshd_config_group: root
|
sshd_config_group: root
|
||||||
sshd_config_mode: '644'
|
sshd_config_mode: '644'
|
||||||
sshd_config_src: sshd_config
|
sshd_config_src: sshd_config
|
||||||
sshd_config_user: root
|
sshd_config_user: root
|
||||||
sshd_enable: true
|
sshd_enable: true
|
||||||
tofs:
|
tofs:
|
||||||
source_files:
|
source_files:
|
||||||
manage ssh_known_hosts file:
|
manage ssh_known_hosts file:
|
||||||
- alt_ssh_known_hosts
|
- alt_ssh_known_hosts
|
||||||
ssh_config:
|
ssh_config:
|
||||||
- alt_ssh_config
|
- alt_ssh_config
|
||||||
sshd_banner:
|
sshd_banner:
|
||||||
- fire_banner
|
- fire_banner
|
||||||
sshd_config:
|
sshd_config:
|
||||||
- alt_sshd_config
|
- alt_sshd_config
|
||||||
ssh_config:
|
ssh_config:
|
||||||
Hosts:
|
Hosts:
|
||||||
'*':
|
'*':
|
||||||
GSSAPIAuthentication: 'yes'
|
GSSAPIAuthentication: 'yes'
|
||||||
HashKnownHosts: 'yes'
|
HashKnownHosts: 'yes'
|
||||||
SendEnv: LANG LC_*
|
SendEnv: LANG LC_*
|
||||||
sshd_config:
|
sshd_config:
|
||||||
AcceptEnv: LANG LC_*
|
AcceptEnv: LANG LC_*
|
||||||
ChallengeResponseAuthentication: 'no'
|
ChallengeResponseAuthentication: 'no'
|
||||||
PrintMotd: 'no'
|
PrintMotd: 'no'
|
||||||
Subsystem: sftp /usr/lib/openssh/sftp-server
|
Subsystem: sftp /usr/lib/openssh/sftp-server
|
||||||
UsePAM: 'yes'
|
UsePAM: 'yes'
|
||||||
X11Forwarding: 'yes'
|
X11Forwarding: 'yes'
|
||||||
|
|||||||
@ -1,176 +1,177 @@
|
|||||||
# yamllint disable rule:indentation rule:line-length
|
# yamllint disable rule:indentation rule:line-length
|
||||||
# Leap-15
|
# Leap-15
|
||||||
---
|
---
|
||||||
map_jinja:
|
values:
|
||||||
config_get_roots:
|
map_jinja:
|
||||||
- openssh
|
config_get_roots:
|
||||||
- sshd_config
|
- openssh
|
||||||
- ssh_config
|
- sshd_config
|
||||||
openssh:
|
- ssh_config
|
||||||
absent_dsa_keys: false
|
openssh:
|
||||||
absent_ecdsa_keys: false
|
absent_dsa_keys: false
|
||||||
absent_ed25519_keys: false
|
absent_ecdsa_keys: false
|
||||||
absent_rsa_keys: false
|
absent_ed25519_keys: false
|
||||||
auth:
|
absent_rsa_keys: false
|
||||||
joe-non-valid-ssh-key:
|
auth:
|
||||||
- comment: obsolete key - removed
|
joe-non-valid-ssh-key:
|
||||||
enc: ssh-rsa
|
- comment: obsolete key - removed
|
||||||
present: false
|
enc: ssh-rsa
|
||||||
source: salt://ssh_keys/joe.no-valid.pub
|
present: false
|
||||||
user: joe
|
source: salt://ssh_keys/joe.no-valid.pub
|
||||||
joe-valid-ssh-key-desktop:
|
user: joe
|
||||||
- comment: main key - desktop
|
joe-valid-ssh-key-desktop:
|
||||||
enc: ssh-rsa
|
- comment: main key - desktop
|
||||||
present: true
|
enc: ssh-rsa
|
||||||
source: salt://ssh_keys/joe.desktop.pub
|
present: true
|
||||||
user: joe
|
source: salt://ssh_keys/joe.desktop.pub
|
||||||
joe-valid-ssh-key-notebook:
|
user: joe
|
||||||
- comment: main key - notebook
|
joe-valid-ssh-key-notebook:
|
||||||
enc: ssh-rsa
|
- comment: main key - notebook
|
||||||
present: true
|
enc: ssh-rsa
|
||||||
source: salt://ssh_keys/joe.netbook.pub
|
present: true
|
||||||
user: joe
|
source: salt://ssh_keys/joe.netbook.pub
|
||||||
auth_map:
|
user: joe
|
||||||
personal_keys:
|
auth_map:
|
||||||
source: salt://ssh_keys
|
personal_keys:
|
||||||
users:
|
source: salt://ssh_keys
|
||||||
joe:
|
users:
|
||||||
joe.desktop: {}
|
joe:
|
||||||
joe.netbook:
|
joe.desktop: {}
|
||||||
options: []
|
joe.netbook:
|
||||||
joe.no-valid:
|
options: []
|
||||||
present: false
|
joe.no-valid:
|
||||||
banner: /etc/ssh/banner
|
present: false
|
||||||
banner_src: banner
|
banner: /etc/ssh/banner
|
||||||
banner_string: 'Welcome to example.net!
|
banner_src: banner
|
||||||
'
|
banner_string: 'Welcome to example.net!
|
||||||
client: openssh
|
'
|
||||||
client_version: latest
|
client: openssh
|
||||||
dig_pkg: bind-utils
|
client_version: latest
|
||||||
dsa:
|
dig_pkg: bind-utils
|
||||||
private_key: '-----BEGIN DSA PRIVATE KEY-----
|
dsa:
|
||||||
|
private_key: '-----BEGIN DSA PRIVATE KEY-----
|
||||||
|
|
||||||
NOT_DEFINED
|
NOT_DEFINED
|
||||||
|
|
||||||
-----END DSA PRIVATE KEY-----
|
-----END DSA PRIVATE KEY-----
|
||||||
'
|
'
|
||||||
public_key: 'ssh-dss NOT_DEFINED
|
public_key: 'ssh-dss NOT_DEFINED
|
||||||
'
|
'
|
||||||
ecdsa:
|
ecdsa:
|
||||||
private_key: '-----BEGIN EC PRIVATE KEY-----
|
private_key: '-----BEGIN EC PRIVATE KEY-----
|
||||||
|
|
||||||
NOT_DEFINED
|
NOT_DEFINED
|
||||||
|
|
||||||
-----END EC PRIVATE KEY-----
|
-----END EC PRIVATE KEY-----
|
||||||
'
|
'
|
||||||
public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED
|
public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED
|
||||||
'
|
'
|
||||||
ed25519:
|
ed25519:
|
||||||
private_key: '-----BEGIN OPENSSH PRIVATE KEY-----
|
private_key: '-----BEGIN OPENSSH PRIVATE KEY-----
|
||||||
|
|
||||||
NOT_DEFINED
|
NOT_DEFINED
|
||||||
|
|
||||||
-----END OPENSSH PRIVATE KEY-----
|
-----END OPENSSH PRIVATE KEY-----
|
||||||
'
|
'
|
||||||
public_key: 'ssh-ed25519 NOT_DEFINED
|
public_key: 'ssh-ed25519 NOT_DEFINED
|
||||||
'
|
'
|
||||||
enforce_rsa_size: false
|
enforce_rsa_size: false
|
||||||
generate_dsa_keys: false
|
generate_dsa_keys: false
|
||||||
generate_ecdsa_keys: false
|
generate_ecdsa_keys: false
|
||||||
generate_ed25519_keys: false
|
generate_ed25519_keys: false
|
||||||
generate_rsa_keys: false
|
generate_rsa_keys: false
|
||||||
generate_rsa_size: 4096
|
generate_rsa_size: 4096
|
||||||
host_key_algos: ecdsa,ed25519,rsa
|
host_key_algos: ecdsa,ed25519,rsa
|
||||||
known_hosts:
|
known_hosts:
|
||||||
aliases:
|
aliases:
|
||||||
- cname-to-minion.example.org
|
- cname-to-minion.example.org
|
||||||
- alias.example.org
|
- alias.example.org
|
||||||
hostnames: false
|
hostnames: false
|
||||||
include_localhost: false
|
include_localhost: false
|
||||||
mine_hostname_function: public_ssh_hostname
|
mine_hostname_function: public_ssh_hostname
|
||||||
mine_keys_function: public_ssh_host_keys
|
mine_keys_function: public_ssh_host_keys
|
||||||
omit_ip_address:
|
omit_ip_address:
|
||||||
- github.com
|
- github.com
|
||||||
salt_ssh:
|
salt_ssh:
|
||||||
public_ssh_host_keys:
|
public_ssh_host_keys:
|
||||||
minion.id: 'ssh-rsa [...]
|
minion.id: 'ssh-rsa [...]
|
||||||
|
|
||||||
ssh-ed25519 [...]
|
ssh-ed25519 [...]
|
||||||
'
|
'
|
||||||
public_ssh_host_names:
|
public_ssh_host_names:
|
||||||
minion.id:
|
minion.id:
|
||||||
- minion.id
|
- minion.id
|
||||||
- alias.of.minion.id
|
- alias.of.minion.id
|
||||||
user: salt-master
|
user: salt-master
|
||||||
static:
|
static:
|
||||||
github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...]
|
github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...]
|
||||||
gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...]
|
gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...]
|
||||||
target: '*'
|
target: '*'
|
||||||
tgt_type: glob
|
tgt_type: glob
|
||||||
moduli: '# Time Type Tests Tries Size Generator Modulus
|
moduli: '# Time Type Tests Tries Size Generator Modulus
|
||||||
|
|
||||||
20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63
|
20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63
|
||||||
|
|
||||||
20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB
|
20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB
|
||||||
|
|
||||||
20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53
|
20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53
|
||||||
|
|
||||||
20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F
|
20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F
|
||||||
'
|
'
|
||||||
provide_dsa_keys: false
|
provide_dsa_keys: false
|
||||||
provide_ecdsa_keys: false
|
provide_ecdsa_keys: false
|
||||||
provide_ed25519_keys: false
|
provide_ed25519_keys: false
|
||||||
provide_rsa_keys: false
|
provide_rsa_keys: false
|
||||||
root_group: root
|
root_group: root
|
||||||
rsa:
|
rsa:
|
||||||
private_key: '-----BEGIN RSA PRIVATE KEY-----
|
private_key: '-----BEGIN RSA PRIVATE KEY-----
|
||||||
|
|
||||||
NOT_DEFINED
|
NOT_DEFINED
|
||||||
|
|
||||||
-----END RSA PRIVATE KEY-----
|
-----END RSA PRIVATE KEY-----
|
||||||
'
|
'
|
||||||
public_key: 'ssh-rsa NOT_DEFINED
|
public_key: 'ssh-rsa NOT_DEFINED
|
||||||
'
|
'
|
||||||
server: openssh
|
server: openssh
|
||||||
server_version: latest
|
server_version: latest
|
||||||
service: sshd
|
service: sshd
|
||||||
ssh_config: /etc/ssh/ssh_config
|
ssh_config: /etc/ssh/ssh_config
|
||||||
ssh_config_backup: true
|
ssh_config_backup: true
|
||||||
ssh_config_group: root
|
ssh_config_group: root
|
||||||
ssh_config_mode: '644'
|
ssh_config_mode: '644'
|
||||||
ssh_config_src: ssh_config
|
ssh_config_src: ssh_config
|
||||||
ssh_config_user: root
|
ssh_config_user: root
|
||||||
ssh_known_hosts: /etc/ssh/ssh_known_hosts
|
ssh_known_hosts: /etc/ssh/ssh_known_hosts
|
||||||
ssh_known_hosts_src: ssh_known_hosts
|
ssh_known_hosts_src: ssh_known_hosts
|
||||||
ssh_moduli: /etc/ssh/moduli
|
ssh_moduli: /etc/ssh/moduli
|
||||||
sshd_binary: /usr/sbin/sshd
|
sshd_binary: /usr/sbin/sshd
|
||||||
sshd_config: /etc/ssh/sshd_config
|
sshd_config: /etc/ssh/sshd_config
|
||||||
sshd_config_backup: true
|
sshd_config_backup: true
|
||||||
sshd_config_group: root
|
sshd_config_group: root
|
||||||
sshd_config_mode: '644'
|
sshd_config_mode: '644'
|
||||||
sshd_config_src: sshd_config
|
sshd_config_src: sshd_config
|
||||||
sshd_config_user: root
|
sshd_config_user: root
|
||||||
sshd_enable: true
|
sshd_enable: true
|
||||||
tofs:
|
tofs:
|
||||||
source_files:
|
source_files:
|
||||||
manage ssh_known_hosts file:
|
manage ssh_known_hosts file:
|
||||||
- alt_ssh_known_hosts
|
- alt_ssh_known_hosts
|
||||||
ssh_config:
|
ssh_config:
|
||||||
- alt_ssh_config
|
- alt_ssh_config
|
||||||
sshd_banner:
|
sshd_banner:
|
||||||
- fire_banner
|
- fire_banner
|
||||||
sshd_config:
|
sshd_config:
|
||||||
- alt_sshd_config
|
- alt_sshd_config
|
||||||
ssh_config:
|
ssh_config:
|
||||||
Hosts:
|
Hosts:
|
||||||
'*':
|
'*':
|
||||||
GSSAPIAuthentication: 'yes'
|
GSSAPIAuthentication: 'yes'
|
||||||
HashKnownHosts: 'yes'
|
HashKnownHosts: 'yes'
|
||||||
SendEnv: LANG LC_*
|
SendEnv: LANG LC_*
|
||||||
sshd_config:
|
sshd_config:
|
||||||
AcceptEnv: LANG LC_*
|
AcceptEnv: LANG LC_*
|
||||||
ChallengeResponseAuthentication: 'no'
|
ChallengeResponseAuthentication: 'no'
|
||||||
PrintMotd: 'no'
|
PrintMotd: 'no'
|
||||||
Subsystem: sftp /usr/lib/openssh/sftp-server
|
Subsystem: sftp /usr/lib/openssh/sftp-server
|
||||||
UsePAM: 'yes'
|
UsePAM: 'yes'
|
||||||
X11Forwarding: 'yes'
|
X11Forwarding: 'yes'
|
||||||
|
|||||||
@ -1,176 +1,177 @@
|
|||||||
# yamllint disable rule:indentation rule:line-length
|
# yamllint disable rule:indentation rule:line-length
|
||||||
# Ubuntu-16.04
|
# Ubuntu-16.04
|
||||||
---
|
---
|
||||||
map_jinja:
|
values:
|
||||||
config_get_roots:
|
map_jinja:
|
||||||
- openssh
|
config_get_roots:
|
||||||
- sshd_config
|
- openssh
|
||||||
- ssh_config
|
- sshd_config
|
||||||
openssh:
|
- ssh_config
|
||||||
absent_dsa_keys: false
|
openssh:
|
||||||
absent_ecdsa_keys: false
|
absent_dsa_keys: false
|
||||||
absent_ed25519_keys: false
|
absent_ecdsa_keys: false
|
||||||
absent_rsa_keys: false
|
absent_ed25519_keys: false
|
||||||
auth:
|
absent_rsa_keys: false
|
||||||
joe-non-valid-ssh-key:
|
auth:
|
||||||
- comment: obsolete key - removed
|
joe-non-valid-ssh-key:
|
||||||
enc: ssh-rsa
|
- comment: obsolete key - removed
|
||||||
present: false
|
enc: ssh-rsa
|
||||||
source: salt://ssh_keys/joe.no-valid.pub
|
present: false
|
||||||
user: joe
|
source: salt://ssh_keys/joe.no-valid.pub
|
||||||
joe-valid-ssh-key-desktop:
|
user: joe
|
||||||
- comment: main key - desktop
|
joe-valid-ssh-key-desktop:
|
||||||
enc: ssh-rsa
|
- comment: main key - desktop
|
||||||
present: true
|
enc: ssh-rsa
|
||||||
source: salt://ssh_keys/joe.desktop.pub
|
present: true
|
||||||
user: joe
|
source: salt://ssh_keys/joe.desktop.pub
|
||||||
joe-valid-ssh-key-notebook:
|
user: joe
|
||||||
- comment: main key - notebook
|
joe-valid-ssh-key-notebook:
|
||||||
enc: ssh-rsa
|
- comment: main key - notebook
|
||||||
present: true
|
enc: ssh-rsa
|
||||||
source: salt://ssh_keys/joe.netbook.pub
|
present: true
|
||||||
user: joe
|
source: salt://ssh_keys/joe.netbook.pub
|
||||||
auth_map:
|
user: joe
|
||||||
personal_keys:
|
auth_map:
|
||||||
source: salt://ssh_keys
|
personal_keys:
|
||||||
users:
|
source: salt://ssh_keys
|
||||||
joe:
|
users:
|
||||||
joe.desktop: {}
|
joe:
|
||||||
joe.netbook:
|
joe.desktop: {}
|
||||||
options: []
|
joe.netbook:
|
||||||
joe.no-valid:
|
options: []
|
||||||
present: false
|
joe.no-valid:
|
||||||
banner: /etc/ssh/banner
|
present: false
|
||||||
banner_src: banner
|
banner: /etc/ssh/banner
|
||||||
banner_string: 'Welcome to example.net!
|
banner_src: banner
|
||||||
'
|
banner_string: 'Welcome to example.net!
|
||||||
client: openssh-client
|
'
|
||||||
client_version: latest
|
client: openssh-client
|
||||||
dig_pkg: dnsutils
|
client_version: latest
|
||||||
dsa:
|
dig_pkg: dnsutils
|
||||||
private_key: '-----BEGIN DSA PRIVATE KEY-----
|
dsa:
|
||||||
|
private_key: '-----BEGIN DSA PRIVATE KEY-----
|
||||||
|
|
||||||
NOT_DEFINED
|
NOT_DEFINED
|
||||||
|
|
||||||
-----END DSA PRIVATE KEY-----
|
-----END DSA PRIVATE KEY-----
|
||||||
'
|
'
|
||||||
public_key: 'ssh-dss NOT_DEFINED
|
public_key: 'ssh-dss NOT_DEFINED
|
||||||
'
|
'
|
||||||
ecdsa:
|
ecdsa:
|
||||||
private_key: '-----BEGIN EC PRIVATE KEY-----
|
private_key: '-----BEGIN EC PRIVATE KEY-----
|
||||||
|
|
||||||
NOT_DEFINED
|
NOT_DEFINED
|
||||||
|
|
||||||
-----END EC PRIVATE KEY-----
|
-----END EC PRIVATE KEY-----
|
||||||
'
|
'
|
||||||
public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED
|
public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED
|
||||||
'
|
'
|
||||||
ed25519:
|
ed25519:
|
||||||
private_key: '-----BEGIN OPENSSH PRIVATE KEY-----
|
private_key: '-----BEGIN OPENSSH PRIVATE KEY-----
|
||||||
|
|
||||||
NOT_DEFINED
|
NOT_DEFINED
|
||||||
|
|
||||||
-----END OPENSSH PRIVATE KEY-----
|
-----END OPENSSH PRIVATE KEY-----
|
||||||
'
|
'
|
||||||
public_key: 'ssh-ed25519 NOT_DEFINED
|
public_key: 'ssh-ed25519 NOT_DEFINED
|
||||||
'
|
'
|
||||||
enforce_rsa_size: false
|
enforce_rsa_size: false
|
||||||
generate_dsa_keys: false
|
generate_dsa_keys: false
|
||||||
generate_ecdsa_keys: false
|
generate_ecdsa_keys: false
|
||||||
generate_ed25519_keys: false
|
generate_ed25519_keys: false
|
||||||
generate_rsa_keys: false
|
generate_rsa_keys: false
|
||||||
generate_rsa_size: 4096
|
generate_rsa_size: 4096
|
||||||
host_key_algos: ecdsa,ed25519,rsa
|
host_key_algos: ecdsa,ed25519,rsa
|
||||||
known_hosts:
|
known_hosts:
|
||||||
aliases:
|
aliases:
|
||||||
- cname-to-minion.example.org
|
- cname-to-minion.example.org
|
||||||
- alias.example.org
|
- alias.example.org
|
||||||
hostnames: false
|
hostnames: false
|
||||||
include_localhost: false
|
include_localhost: false
|
||||||
mine_hostname_function: public_ssh_hostname
|
mine_hostname_function: public_ssh_hostname
|
||||||
mine_keys_function: public_ssh_host_keys
|
mine_keys_function: public_ssh_host_keys
|
||||||
omit_ip_address:
|
omit_ip_address:
|
||||||
- github.com
|
- github.com
|
||||||
salt_ssh:
|
salt_ssh:
|
||||||
public_ssh_host_keys:
|
public_ssh_host_keys:
|
||||||
minion.id: 'ssh-rsa [...]
|
minion.id: 'ssh-rsa [...]
|
||||||
|
|
||||||
ssh-ed25519 [...]
|
ssh-ed25519 [...]
|
||||||
'
|
'
|
||||||
public_ssh_host_names:
|
public_ssh_host_names:
|
||||||
minion.id:
|
minion.id:
|
||||||
- minion.id
|
- minion.id
|
||||||
- alias.of.minion.id
|
- alias.of.minion.id
|
||||||
user: salt-master
|
user: salt-master
|
||||||
static:
|
static:
|
||||||
github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...]
|
github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...]
|
||||||
gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...]
|
gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...]
|
||||||
target: '*'
|
target: '*'
|
||||||
tgt_type: glob
|
tgt_type: glob
|
||||||
moduli: '# Time Type Tests Tries Size Generator Modulus
|
moduli: '# Time Type Tests Tries Size Generator Modulus
|
||||||
|
|
||||||
20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63
|
20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63
|
||||||
|
|
||||||
20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB
|
20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB
|
||||||
|
|
||||||
20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53
|
20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53
|
||||||
|
|
||||||
20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F
|
20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F
|
||||||
'
|
'
|
||||||
provide_dsa_keys: false
|
provide_dsa_keys: false
|
||||||
provide_ecdsa_keys: false
|
provide_ecdsa_keys: false
|
||||||
provide_ed25519_keys: false
|
provide_ed25519_keys: false
|
||||||
provide_rsa_keys: false
|
provide_rsa_keys: false
|
||||||
root_group: root
|
root_group: root
|
||||||
rsa:
|
rsa:
|
||||||
private_key: '-----BEGIN RSA PRIVATE KEY-----
|
private_key: '-----BEGIN RSA PRIVATE KEY-----
|
||||||
|
|
||||||
NOT_DEFINED
|
NOT_DEFINED
|
||||||
|
|
||||||
-----END RSA PRIVATE KEY-----
|
-----END RSA PRIVATE KEY-----
|
||||||
'
|
'
|
||||||
public_key: 'ssh-rsa NOT_DEFINED
|
public_key: 'ssh-rsa NOT_DEFINED
|
||||||
'
|
'
|
||||||
server: openssh-server
|
server: openssh-server
|
||||||
server_version: latest
|
server_version: latest
|
||||||
service: ssh
|
service: ssh
|
||||||
ssh_config: /etc/ssh/ssh_config
|
ssh_config: /etc/ssh/ssh_config
|
||||||
ssh_config_backup: true
|
ssh_config_backup: true
|
||||||
ssh_config_group: root
|
ssh_config_group: root
|
||||||
ssh_config_mode: '644'
|
ssh_config_mode: '644'
|
||||||
ssh_config_src: ssh_config
|
ssh_config_src: ssh_config
|
||||||
ssh_config_user: root
|
ssh_config_user: root
|
||||||
ssh_known_hosts: /etc/ssh/ssh_known_hosts
|
ssh_known_hosts: /etc/ssh/ssh_known_hosts
|
||||||
ssh_known_hosts_src: ssh_known_hosts
|
ssh_known_hosts_src: ssh_known_hosts
|
||||||
ssh_moduli: /etc/ssh/moduli
|
ssh_moduli: /etc/ssh/moduli
|
||||||
sshd_binary: /usr/sbin/sshd
|
sshd_binary: /usr/sbin/sshd
|
||||||
sshd_config: /etc/ssh/sshd_config
|
sshd_config: /etc/ssh/sshd_config
|
||||||
sshd_config_backup: true
|
sshd_config_backup: true
|
||||||
sshd_config_group: root
|
sshd_config_group: root
|
||||||
sshd_config_mode: '644'
|
sshd_config_mode: '644'
|
||||||
sshd_config_src: sshd_config
|
sshd_config_src: sshd_config
|
||||||
sshd_config_user: root
|
sshd_config_user: root
|
||||||
sshd_enable: true
|
sshd_enable: true
|
||||||
tofs:
|
tofs:
|
||||||
source_files:
|
source_files:
|
||||||
manage ssh_known_hosts file:
|
manage ssh_known_hosts file:
|
||||||
- alt_ssh_known_hosts
|
- alt_ssh_known_hosts
|
||||||
ssh_config:
|
ssh_config:
|
||||||
- alt_ssh_config
|
- alt_ssh_config
|
||||||
sshd_banner:
|
sshd_banner:
|
||||||
- fire_banner
|
- fire_banner
|
||||||
sshd_config:
|
sshd_config:
|
||||||
- alt_sshd_config
|
- alt_sshd_config
|
||||||
ssh_config:
|
ssh_config:
|
||||||
Hosts:
|
Hosts:
|
||||||
'*':
|
'*':
|
||||||
GSSAPIAuthentication: 'yes'
|
GSSAPIAuthentication: 'yes'
|
||||||
HashKnownHosts: 'yes'
|
HashKnownHosts: 'yes'
|
||||||
SendEnv: LANG LC_*
|
SendEnv: LANG LC_*
|
||||||
sshd_config:
|
sshd_config:
|
||||||
AcceptEnv: LANG LC_*
|
AcceptEnv: LANG LC_*
|
||||||
ChallengeResponseAuthentication: 'no'
|
ChallengeResponseAuthentication: 'no'
|
||||||
PrintMotd: 'no'
|
PrintMotd: 'no'
|
||||||
Subsystem: sftp /usr/lib/openssh/sftp-server
|
Subsystem: sftp /usr/lib/openssh/sftp-server
|
||||||
UsePAM: 'yes'
|
UsePAM: 'yes'
|
||||||
X11Forwarding: 'yes'
|
X11Forwarding: 'yes'
|
||||||
|
|||||||
@ -1,176 +1,177 @@
|
|||||||
# yamllint disable rule:indentation rule:line-length
|
# yamllint disable rule:indentation rule:line-length
|
||||||
# Ubuntu-18.04
|
# Ubuntu-18.04
|
||||||
---
|
---
|
||||||
map_jinja:
|
values:
|
||||||
config_get_roots:
|
map_jinja:
|
||||||
- openssh
|
config_get_roots:
|
||||||
- sshd_config
|
- openssh
|
||||||
- ssh_config
|
- sshd_config
|
||||||
openssh:
|
- ssh_config
|
||||||
absent_dsa_keys: false
|
openssh:
|
||||||
absent_ecdsa_keys: false
|
absent_dsa_keys: false
|
||||||
absent_ed25519_keys: false
|
absent_ecdsa_keys: false
|
||||||
absent_rsa_keys: false
|
absent_ed25519_keys: false
|
||||||
auth:
|
absent_rsa_keys: false
|
||||||
joe-non-valid-ssh-key:
|
auth:
|
||||||
- comment: obsolete key - removed
|
joe-non-valid-ssh-key:
|
||||||
enc: ssh-rsa
|
- comment: obsolete key - removed
|
||||||
present: false
|
enc: ssh-rsa
|
||||||
source: salt://ssh_keys/joe.no-valid.pub
|
present: false
|
||||||
user: joe
|
source: salt://ssh_keys/joe.no-valid.pub
|
||||||
joe-valid-ssh-key-desktop:
|
user: joe
|
||||||
- comment: main key - desktop
|
joe-valid-ssh-key-desktop:
|
||||||
enc: ssh-rsa
|
- comment: main key - desktop
|
||||||
present: true
|
enc: ssh-rsa
|
||||||
source: salt://ssh_keys/joe.desktop.pub
|
present: true
|
||||||
user: joe
|
source: salt://ssh_keys/joe.desktop.pub
|
||||||
joe-valid-ssh-key-notebook:
|
user: joe
|
||||||
- comment: main key - notebook
|
joe-valid-ssh-key-notebook:
|
||||||
enc: ssh-rsa
|
- comment: main key - notebook
|
||||||
present: true
|
enc: ssh-rsa
|
||||||
source: salt://ssh_keys/joe.netbook.pub
|
present: true
|
||||||
user: joe
|
source: salt://ssh_keys/joe.netbook.pub
|
||||||
auth_map:
|
user: joe
|
||||||
personal_keys:
|
auth_map:
|
||||||
source: salt://ssh_keys
|
personal_keys:
|
||||||
users:
|
source: salt://ssh_keys
|
||||||
joe:
|
users:
|
||||||
joe.desktop: {}
|
joe:
|
||||||
joe.netbook:
|
joe.desktop: {}
|
||||||
options: []
|
joe.netbook:
|
||||||
joe.no-valid:
|
options: []
|
||||||
present: false
|
joe.no-valid:
|
||||||
banner: /etc/ssh/banner
|
present: false
|
||||||
banner_src: banner
|
banner: /etc/ssh/banner
|
||||||
banner_string: 'Welcome to example.net!
|
banner_src: banner
|
||||||
'
|
banner_string: 'Welcome to example.net!
|
||||||
client: openssh-client
|
'
|
||||||
client_version: latest
|
client: openssh-client
|
||||||
dig_pkg: dnsutils
|
client_version: latest
|
||||||
dsa:
|
dig_pkg: dnsutils
|
||||||
private_key: '-----BEGIN DSA PRIVATE KEY-----
|
dsa:
|
||||||
|
private_key: '-----BEGIN DSA PRIVATE KEY-----
|
||||||
|
|
||||||
NOT_DEFINED
|
NOT_DEFINED
|
||||||
|
|
||||||
-----END DSA PRIVATE KEY-----
|
-----END DSA PRIVATE KEY-----
|
||||||
'
|
'
|
||||||
public_key: 'ssh-dss NOT_DEFINED
|
public_key: 'ssh-dss NOT_DEFINED
|
||||||
'
|
'
|
||||||
ecdsa:
|
ecdsa:
|
||||||
private_key: '-----BEGIN EC PRIVATE KEY-----
|
private_key: '-----BEGIN EC PRIVATE KEY-----
|
||||||
|
|
||||||
NOT_DEFINED
|
NOT_DEFINED
|
||||||
|
|
||||||
-----END EC PRIVATE KEY-----
|
-----END EC PRIVATE KEY-----
|
||||||
'
|
'
|
||||||
public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED
|
public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED
|
||||||
'
|
'
|
||||||
ed25519:
|
ed25519:
|
||||||
private_key: '-----BEGIN OPENSSH PRIVATE KEY-----
|
private_key: '-----BEGIN OPENSSH PRIVATE KEY-----
|
||||||
|
|
||||||
NOT_DEFINED
|
NOT_DEFINED
|
||||||
|
|
||||||
-----END OPENSSH PRIVATE KEY-----
|
-----END OPENSSH PRIVATE KEY-----
|
||||||
'
|
'
|
||||||
public_key: 'ssh-ed25519 NOT_DEFINED
|
public_key: 'ssh-ed25519 NOT_DEFINED
|
||||||
'
|
'
|
||||||
enforce_rsa_size: false
|
enforce_rsa_size: false
|
||||||
generate_dsa_keys: false
|
generate_dsa_keys: false
|
||||||
generate_ecdsa_keys: false
|
generate_ecdsa_keys: false
|
||||||
generate_ed25519_keys: false
|
generate_ed25519_keys: false
|
||||||
generate_rsa_keys: false
|
generate_rsa_keys: false
|
||||||
generate_rsa_size: 4096
|
generate_rsa_size: 4096
|
||||||
host_key_algos: ecdsa,ed25519,rsa
|
host_key_algos: ecdsa,ed25519,rsa
|
||||||
known_hosts:
|
known_hosts:
|
||||||
aliases:
|
aliases:
|
||||||
- cname-to-minion.example.org
|
- cname-to-minion.example.org
|
||||||
- alias.example.org
|
- alias.example.org
|
||||||
hostnames: false
|
hostnames: false
|
||||||
include_localhost: false
|
include_localhost: false
|
||||||
mine_hostname_function: public_ssh_hostname
|
mine_hostname_function: public_ssh_hostname
|
||||||
mine_keys_function: public_ssh_host_keys
|
mine_keys_function: public_ssh_host_keys
|
||||||
omit_ip_address:
|
omit_ip_address:
|
||||||
- github.com
|
- github.com
|
||||||
salt_ssh:
|
salt_ssh:
|
||||||
public_ssh_host_keys:
|
public_ssh_host_keys:
|
||||||
minion.id: 'ssh-rsa [...]
|
minion.id: 'ssh-rsa [...]
|
||||||
|
|
||||||
ssh-ed25519 [...]
|
ssh-ed25519 [...]
|
||||||
'
|
'
|
||||||
public_ssh_host_names:
|
public_ssh_host_names:
|
||||||
minion.id:
|
minion.id:
|
||||||
- minion.id
|
- minion.id
|
||||||
- alias.of.minion.id
|
- alias.of.minion.id
|
||||||
user: salt-master
|
user: salt-master
|
||||||
static:
|
static:
|
||||||
github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...]
|
github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...]
|
||||||
gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...]
|
gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...]
|
||||||
target: '*'
|
target: '*'
|
||||||
tgt_type: glob
|
tgt_type: glob
|
||||||
moduli: '# Time Type Tests Tries Size Generator Modulus
|
moduli: '# Time Type Tests Tries Size Generator Modulus
|
||||||
|
|
||||||
20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63
|
20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63
|
||||||
|
|
||||||
20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB
|
20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB
|
||||||
|
|
||||||
20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53
|
20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53
|
||||||
|
|
||||||
20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F
|
20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F
|
||||||
'
|
'
|
||||||
provide_dsa_keys: false
|
provide_dsa_keys: false
|
||||||
provide_ecdsa_keys: false
|
provide_ecdsa_keys: false
|
||||||
provide_ed25519_keys: false
|
provide_ed25519_keys: false
|
||||||
provide_rsa_keys: false
|
provide_rsa_keys: false
|
||||||
root_group: root
|
root_group: root
|
||||||
rsa:
|
rsa:
|
||||||
private_key: '-----BEGIN RSA PRIVATE KEY-----
|
private_key: '-----BEGIN RSA PRIVATE KEY-----
|
||||||
|
|
||||||
NOT_DEFINED
|
NOT_DEFINED
|
||||||
|
|
||||||
-----END RSA PRIVATE KEY-----
|
-----END RSA PRIVATE KEY-----
|
||||||
'
|
'
|
||||||
public_key: 'ssh-rsa NOT_DEFINED
|
public_key: 'ssh-rsa NOT_DEFINED
|
||||||
'
|
'
|
||||||
server: openssh-server
|
server: openssh-server
|
||||||
server_version: latest
|
server_version: latest
|
||||||
service: ssh
|
service: ssh
|
||||||
ssh_config: /etc/ssh/ssh_config
|
ssh_config: /etc/ssh/ssh_config
|
||||||
ssh_config_backup: true
|
ssh_config_backup: true
|
||||||
ssh_config_group: root
|
ssh_config_group: root
|
||||||
ssh_config_mode: '644'
|
ssh_config_mode: '644'
|
||||||
ssh_config_src: ssh_config
|
ssh_config_src: ssh_config
|
||||||
ssh_config_user: root
|
ssh_config_user: root
|
||||||
ssh_known_hosts: /etc/ssh/ssh_known_hosts
|
ssh_known_hosts: /etc/ssh/ssh_known_hosts
|
||||||
ssh_known_hosts_src: ssh_known_hosts
|
ssh_known_hosts_src: ssh_known_hosts
|
||||||
ssh_moduli: /etc/ssh/moduli
|
ssh_moduli: /etc/ssh/moduli
|
||||||
sshd_binary: /usr/sbin/sshd
|
sshd_binary: /usr/sbin/sshd
|
||||||
sshd_config: /etc/ssh/sshd_config
|
sshd_config: /etc/ssh/sshd_config
|
||||||
sshd_config_backup: true
|
sshd_config_backup: true
|
||||||
sshd_config_group: root
|
sshd_config_group: root
|
||||||
sshd_config_mode: '644'
|
sshd_config_mode: '644'
|
||||||
sshd_config_src: sshd_config
|
sshd_config_src: sshd_config
|
||||||
sshd_config_user: root
|
sshd_config_user: root
|
||||||
sshd_enable: true
|
sshd_enable: true
|
||||||
tofs:
|
tofs:
|
||||||
source_files:
|
source_files:
|
||||||
manage ssh_known_hosts file:
|
manage ssh_known_hosts file:
|
||||||
- alt_ssh_known_hosts
|
- alt_ssh_known_hosts
|
||||||
ssh_config:
|
ssh_config:
|
||||||
- alt_ssh_config
|
- alt_ssh_config
|
||||||
sshd_banner:
|
sshd_banner:
|
||||||
- fire_banner
|
- fire_banner
|
||||||
sshd_config:
|
sshd_config:
|
||||||
- alt_sshd_config
|
- alt_sshd_config
|
||||||
ssh_config:
|
ssh_config:
|
||||||
Hosts:
|
Hosts:
|
||||||
'*':
|
'*':
|
||||||
GSSAPIAuthentication: 'yes'
|
GSSAPIAuthentication: 'yes'
|
||||||
HashKnownHosts: 'yes'
|
HashKnownHosts: 'yes'
|
||||||
SendEnv: LANG LC_*
|
SendEnv: LANG LC_*
|
||||||
sshd_config:
|
sshd_config:
|
||||||
AcceptEnv: LANG LC_*
|
AcceptEnv: LANG LC_*
|
||||||
ChallengeResponseAuthentication: 'no'
|
ChallengeResponseAuthentication: 'no'
|
||||||
PrintMotd: 'no'
|
PrintMotd: 'no'
|
||||||
Subsystem: sftp /usr/lib/openssh/sftp-server
|
Subsystem: sftp /usr/lib/openssh/sftp-server
|
||||||
UsePAM: 'yes'
|
UsePAM: 'yes'
|
||||||
X11Forwarding: 'yes'
|
X11Forwarding: 'yes'
|
||||||
|
|||||||
@ -1,176 +1,177 @@
|
|||||||
# yamllint disable rule:indentation rule:line-length
|
# yamllint disable rule:indentation rule:line-length
|
||||||
# Ubuntu-20.04
|
# Ubuntu-20.04
|
||||||
---
|
---
|
||||||
map_jinja:
|
values:
|
||||||
config_get_roots:
|
map_jinja:
|
||||||
- openssh
|
config_get_roots:
|
||||||
- sshd_config
|
- openssh
|
||||||
- ssh_config
|
- sshd_config
|
||||||
openssh:
|
- ssh_config
|
||||||
absent_dsa_keys: false
|
openssh:
|
||||||
absent_ecdsa_keys: false
|
absent_dsa_keys: false
|
||||||
absent_ed25519_keys: false
|
absent_ecdsa_keys: false
|
||||||
absent_rsa_keys: false
|
absent_ed25519_keys: false
|
||||||
auth:
|
absent_rsa_keys: false
|
||||||
joe-non-valid-ssh-key:
|
auth:
|
||||||
- comment: obsolete key - removed
|
joe-non-valid-ssh-key:
|
||||||
enc: ssh-rsa
|
- comment: obsolete key - removed
|
||||||
present: false
|
enc: ssh-rsa
|
||||||
source: salt://ssh_keys/joe.no-valid.pub
|
present: false
|
||||||
user: joe
|
source: salt://ssh_keys/joe.no-valid.pub
|
||||||
joe-valid-ssh-key-desktop:
|
user: joe
|
||||||
- comment: main key - desktop
|
joe-valid-ssh-key-desktop:
|
||||||
enc: ssh-rsa
|
- comment: main key - desktop
|
||||||
present: true
|
enc: ssh-rsa
|
||||||
source: salt://ssh_keys/joe.desktop.pub
|
present: true
|
||||||
user: joe
|
source: salt://ssh_keys/joe.desktop.pub
|
||||||
joe-valid-ssh-key-notebook:
|
user: joe
|
||||||
- comment: main key - notebook
|
joe-valid-ssh-key-notebook:
|
||||||
enc: ssh-rsa
|
- comment: main key - notebook
|
||||||
present: true
|
enc: ssh-rsa
|
||||||
source: salt://ssh_keys/joe.netbook.pub
|
present: true
|
||||||
user: joe
|
source: salt://ssh_keys/joe.netbook.pub
|
||||||
auth_map:
|
user: joe
|
||||||
personal_keys:
|
auth_map:
|
||||||
source: salt://ssh_keys
|
personal_keys:
|
||||||
users:
|
source: salt://ssh_keys
|
||||||
joe:
|
users:
|
||||||
joe.desktop: {}
|
joe:
|
||||||
joe.netbook:
|
joe.desktop: {}
|
||||||
options: []
|
joe.netbook:
|
||||||
joe.no-valid:
|
options: []
|
||||||
present: false
|
joe.no-valid:
|
||||||
banner: /etc/ssh/banner
|
present: false
|
||||||
banner_src: banner
|
banner: /etc/ssh/banner
|
||||||
banner_string: 'Welcome to example.net!
|
banner_src: banner
|
||||||
'
|
banner_string: 'Welcome to example.net!
|
||||||
client: openssh-client
|
'
|
||||||
client_version: latest
|
client: openssh-client
|
||||||
dig_pkg: dnsutils
|
client_version: latest
|
||||||
dsa:
|
dig_pkg: dnsutils
|
||||||
private_key: '-----BEGIN DSA PRIVATE KEY-----
|
dsa:
|
||||||
|
private_key: '-----BEGIN DSA PRIVATE KEY-----
|
||||||
|
|
||||||
NOT_DEFINED
|
NOT_DEFINED
|
||||||
|
|
||||||
-----END DSA PRIVATE KEY-----
|
-----END DSA PRIVATE KEY-----
|
||||||
'
|
'
|
||||||
public_key: 'ssh-dss NOT_DEFINED
|
public_key: 'ssh-dss NOT_DEFINED
|
||||||
'
|
'
|
||||||
ecdsa:
|
ecdsa:
|
||||||
private_key: '-----BEGIN EC PRIVATE KEY-----
|
private_key: '-----BEGIN EC PRIVATE KEY-----
|
||||||
|
|
||||||
NOT_DEFINED
|
NOT_DEFINED
|
||||||
|
|
||||||
-----END EC PRIVATE KEY-----
|
-----END EC PRIVATE KEY-----
|
||||||
'
|
'
|
||||||
public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED
|
public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED
|
||||||
'
|
'
|
||||||
ed25519:
|
ed25519:
|
||||||
private_key: '-----BEGIN OPENSSH PRIVATE KEY-----
|
private_key: '-----BEGIN OPENSSH PRIVATE KEY-----
|
||||||
|
|
||||||
NOT_DEFINED
|
NOT_DEFINED
|
||||||
|
|
||||||
-----END OPENSSH PRIVATE KEY-----
|
-----END OPENSSH PRIVATE KEY-----
|
||||||
'
|
'
|
||||||
public_key: 'ssh-ed25519 NOT_DEFINED
|
public_key: 'ssh-ed25519 NOT_DEFINED
|
||||||
'
|
'
|
||||||
enforce_rsa_size: false
|
enforce_rsa_size: false
|
||||||
generate_dsa_keys: false
|
generate_dsa_keys: false
|
||||||
generate_ecdsa_keys: false
|
generate_ecdsa_keys: false
|
||||||
generate_ed25519_keys: false
|
generate_ed25519_keys: false
|
||||||
generate_rsa_keys: false
|
generate_rsa_keys: false
|
||||||
generate_rsa_size: 4096
|
generate_rsa_size: 4096
|
||||||
host_key_algos: ecdsa,ed25519,rsa
|
host_key_algos: ecdsa,ed25519,rsa
|
||||||
known_hosts:
|
known_hosts:
|
||||||
aliases:
|
aliases:
|
||||||
- cname-to-minion.example.org
|
- cname-to-minion.example.org
|
||||||
- alias.example.org
|
- alias.example.org
|
||||||
hostnames: false
|
hostnames: false
|
||||||
include_localhost: false
|
include_localhost: false
|
||||||
mine_hostname_function: public_ssh_hostname
|
mine_hostname_function: public_ssh_hostname
|
||||||
mine_keys_function: public_ssh_host_keys
|
mine_keys_function: public_ssh_host_keys
|
||||||
omit_ip_address:
|
omit_ip_address:
|
||||||
- github.com
|
- github.com
|
||||||
salt_ssh:
|
salt_ssh:
|
||||||
public_ssh_host_keys:
|
public_ssh_host_keys:
|
||||||
minion.id: 'ssh-rsa [...]
|
minion.id: 'ssh-rsa [...]
|
||||||
|
|
||||||
ssh-ed25519 [...]
|
ssh-ed25519 [...]
|
||||||
'
|
'
|
||||||
public_ssh_host_names:
|
public_ssh_host_names:
|
||||||
minion.id:
|
minion.id:
|
||||||
- minion.id
|
- minion.id
|
||||||
- alias.of.minion.id
|
- alias.of.minion.id
|
||||||
user: salt-master
|
user: salt-master
|
||||||
static:
|
static:
|
||||||
github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...]
|
github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...]
|
||||||
gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...]
|
gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...]
|
||||||
target: '*'
|
target: '*'
|
||||||
tgt_type: glob
|
tgt_type: glob
|
||||||
moduli: '# Time Type Tests Tries Size Generator Modulus
|
moduli: '# Time Type Tests Tries Size Generator Modulus
|
||||||
|
|
||||||
20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63
|
20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63
|
||||||
|
|
||||||
20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB
|
20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB
|
||||||
|
|
||||||
20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53
|
20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53
|
||||||
|
|
||||||
20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F
|
20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F
|
||||||
'
|
'
|
||||||
provide_dsa_keys: false
|
provide_dsa_keys: false
|
||||||
provide_ecdsa_keys: false
|
provide_ecdsa_keys: false
|
||||||
provide_ed25519_keys: false
|
provide_ed25519_keys: false
|
||||||
provide_rsa_keys: false
|
provide_rsa_keys: false
|
||||||
root_group: root
|
root_group: root
|
||||||
rsa:
|
rsa:
|
||||||
private_key: '-----BEGIN RSA PRIVATE KEY-----
|
private_key: '-----BEGIN RSA PRIVATE KEY-----
|
||||||
|
|
||||||
NOT_DEFINED
|
NOT_DEFINED
|
||||||
|
|
||||||
-----END RSA PRIVATE KEY-----
|
-----END RSA PRIVATE KEY-----
|
||||||
'
|
'
|
||||||
public_key: 'ssh-rsa NOT_DEFINED
|
public_key: 'ssh-rsa NOT_DEFINED
|
||||||
'
|
'
|
||||||
server: openssh-server
|
server: openssh-server
|
||||||
server_version: latest
|
server_version: latest
|
||||||
service: ssh
|
service: ssh
|
||||||
ssh_config: /etc/ssh/ssh_config
|
ssh_config: /etc/ssh/ssh_config
|
||||||
ssh_config_backup: true
|
ssh_config_backup: true
|
||||||
ssh_config_group: root
|
ssh_config_group: root
|
||||||
ssh_config_mode: '644'
|
ssh_config_mode: '644'
|
||||||
ssh_config_src: ssh_config
|
ssh_config_src: ssh_config
|
||||||
ssh_config_user: root
|
ssh_config_user: root
|
||||||
ssh_known_hosts: /etc/ssh/ssh_known_hosts
|
ssh_known_hosts: /etc/ssh/ssh_known_hosts
|
||||||
ssh_known_hosts_src: ssh_known_hosts
|
ssh_known_hosts_src: ssh_known_hosts
|
||||||
ssh_moduli: /etc/ssh/moduli
|
ssh_moduli: /etc/ssh/moduli
|
||||||
sshd_binary: /usr/sbin/sshd
|
sshd_binary: /usr/sbin/sshd
|
||||||
sshd_config: /etc/ssh/sshd_config
|
sshd_config: /etc/ssh/sshd_config
|
||||||
sshd_config_backup: true
|
sshd_config_backup: true
|
||||||
sshd_config_group: root
|
sshd_config_group: root
|
||||||
sshd_config_mode: '644'
|
sshd_config_mode: '644'
|
||||||
sshd_config_src: sshd_config
|
sshd_config_src: sshd_config
|
||||||
sshd_config_user: root
|
sshd_config_user: root
|
||||||
sshd_enable: true
|
sshd_enable: true
|
||||||
tofs:
|
tofs:
|
||||||
source_files:
|
source_files:
|
||||||
manage ssh_known_hosts file:
|
manage ssh_known_hosts file:
|
||||||
- alt_ssh_known_hosts
|
- alt_ssh_known_hosts
|
||||||
ssh_config:
|
ssh_config:
|
||||||
- alt_ssh_config
|
- alt_ssh_config
|
||||||
sshd_banner:
|
sshd_banner:
|
||||||
- fire_banner
|
- fire_banner
|
||||||
sshd_config:
|
sshd_config:
|
||||||
- alt_sshd_config
|
- alt_sshd_config
|
||||||
ssh_config:
|
ssh_config:
|
||||||
Hosts:
|
Hosts:
|
||||||
'*':
|
'*':
|
||||||
GSSAPIAuthentication: 'yes'
|
GSSAPIAuthentication: 'yes'
|
||||||
HashKnownHosts: 'yes'
|
HashKnownHosts: 'yes'
|
||||||
SendEnv: LANG LC_*
|
SendEnv: LANG LC_*
|
||||||
sshd_config:
|
sshd_config:
|
||||||
AcceptEnv: LANG LC_*
|
AcceptEnv: LANG LC_*
|
||||||
ChallengeResponseAuthentication: 'no'
|
ChallengeResponseAuthentication: 'no'
|
||||||
PrintMotd: 'no'
|
PrintMotd: 'no'
|
||||||
Subsystem: sftp /usr/lib/openssh/sftp-server
|
Subsystem: sftp /usr/lib/openssh/sftp-server
|
||||||
UsePAM: 'yes'
|
UsePAM: 'yes'
|
||||||
X11Forwarding: 'yes'
|
X11Forwarding: 'yes'
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user