diff --git a/openssh/_mapdata/_mapdata.jinja b/openssh/_mapdata/_mapdata.jinja index ad54eaa..aa9649c 100644 --- a/openssh/_mapdata/_mapdata.jinja +++ b/openssh/_mapdata/_mapdata.jinja @@ -1,9 +1,9 @@ # yamllint disable rule:indentation rule:line-length -# {{ grains.get('osfinger', grains.os) }} +# {{ grains.get("osfinger", grains.os) }} --- {#- use salt.slsutil.serialize to avoid encoding errors on some platforms #} -{{ salt['slsutil.serialize']( - 'yaml', +{{ salt["slsutil.serialize"]( + "yaml", map, default_flow_style=False, allow_unicode=True, diff --git a/openssh/_mapdata/init.sls b/openssh/_mapdata/init.sls index 81f3ad5..3529a8d 100644 --- a/openssh/_mapdata/init.sls +++ b/openssh/_mapdata/init.sls @@ -2,13 +2,16 @@ # vim: ft=sls --- {#- Get the `tplroot` from `tpldir` #} -{%- set tplroot = tpldir.split('/')[0] %} +{%- set tplroot = tpldir.split("/")[0] %} {%- from tplroot ~ "/map.jinja" import mapdata with context %} -{%- do salt['log.debug']('### MAP.JINJA DUMP ###\n' ~ mapdata | yaml(False)) %} +{%- set _mapdata = { + "values": mapdata, + } %} +{%- do salt["log.debug"]("### MAP.JINJA DUMP ###\n" ~ _mapdata | yaml(False)) %} -{%- set output_dir = '/temp' if grains.os_family == 'Windows' else '/tmp' %} -{%- set output_file = output_dir ~ '/salt_mapdata_dump.yaml' %} +{%- set output_dir = "/temp" if grains.os_family == "Windows" else "/tmp" %} +{%- set output_file = output_dir ~ "/salt_mapdata_dump.yaml" %} {{ tplroot }}-mapdata-dump: file.managed: @@ -16,4 +19,4 @@ - source: salt://{{ tplroot }}/_mapdata/_mapdata.jinja - template: jinja - context: - map: {{ mapdata | yaml }} + map: {{ _mapdata | yaml }} diff --git a/test/integration/default/controls/_mapdata_spec.rb b/test/integration/default/controls/_mapdata_spec.rb index 2cced0a..6463532 100644 --- a/test/integration/default/controls/_mapdata_spec.rb +++ b/test/integration/default/controls/_mapdata_spec.rb @@ -5,19 +5,43 @@ require 'yaml' control '`map.jinja` YAML dump' do title 'should match the comparison file' + ### Method + # The steps below for each file appear convoluted but they are both required + # and similar in nature: + # 1. The earliest method was to simply compare the files textually but this often + # led to false positives due to inconsistencies (e.g. spacing, ordering) + # 2. The next method was to load the files back into YAML structures and then + # compare but InSpec provided block diffs this way, unusable by end users + # 3. The final step was to dump the YAML structures back into a string to use + # for the comparison; this both worked and provided human-friendly diffs + + ### Comparison file for the specific platform + ### Static, adjusted as part of code contributions, as map data is changed # Strip the `platform[:finger]` version number down to the "OS major release" - mapdata_file = "_mapdata/#{system.platform[:finger].split('.').first}.yaml" + platform_finger = system.platform[:finger].split('.').first.to_s + # Use that to set the path to the file (relative to the InSpec suite directory) + mapdata_file_path = "_mapdata/#{platform_finger}.yaml" + # Load the mapdata from profile, into a YAML structure + # https://docs.chef.io/inspec/profiles/#profile-files + mapdata_file_yaml = YAML.safe_load(inspec.profile.file(mapdata_file_path)) + # Dump the YAML back into a string for comparison + mapdata_file_dump = YAML.dump(mapdata_file_yaml) - # Load the mapdata from profile https://docs.chef.io/inspec/profiles/#profile-files - mapdata_dump = YAML.safe_load(inspec.profile.file(mapdata_file)) - - # Derive the location of the dumped mapdata + ### Output file produced by running the `_mapdata` state + ### Dynamic, generated during Kitchen's `converge` phase + # Derive the location of the dumped mapdata (differs for Windows) output_dir = platform[:family] == 'windows' ? '/temp' : '/tmp' - output_file = "#{output_dir}/salt_mapdata_dump.yaml" + # Use that to set the path to the file (absolute path, i.e. within the container) + output_file_path = "#{output_dir}/salt_mapdata_dump.yaml" + # Load the output into a YAML structure using InSpec's `yaml` resource + # https://github.com/inspec/inspec/blob/49b7d10/lib/inspec/resources/yaml.rb#L29 + output_file_yaml = yaml(output_file_path).params + # Dump the YAML back into a string for comparison + output_file_dump = YAML.dump(output_file_yaml) describe 'File content' do it 'should match profile map data exactly' do - expect(yaml(output_file).params).to eq(mapdata_dump) + expect(output_file_dump).to eq(mapdata_file_dump) end end end diff --git a/test/integration/default/files/_mapdata/amazonlinux-1.yaml b/test/integration/default/files/_mapdata/amazonlinux-1.yaml index b18b022..c4ed9c9 100644 --- a/test/integration/default/files/_mapdata/amazonlinux-1.yaml +++ b/test/integration/default/files/_mapdata/amazonlinux-1.yaml @@ -1,176 +1,177 @@ # yamllint disable rule:indentation rule:line-length # Amazon Linux AMI-2018 --- -map_jinja: - config_get_roots: - - openssh - - sshd_config - - ssh_config -openssh: - absent_dsa_keys: false - absent_ecdsa_keys: false - absent_ed25519_keys: false - absent_rsa_keys: false - auth: - joe-non-valid-ssh-key: - - comment: obsolete key - removed - enc: ssh-rsa - present: false - source: salt://ssh_keys/joe.no-valid.pub - user: joe - joe-valid-ssh-key-desktop: - - comment: main key - desktop - enc: ssh-rsa - present: true - source: salt://ssh_keys/joe.desktop.pub - user: joe - joe-valid-ssh-key-notebook: - - comment: main key - notebook - enc: ssh-rsa - present: true - source: salt://ssh_keys/joe.netbook.pub - user: joe - auth_map: - personal_keys: - source: salt://ssh_keys - users: - joe: - joe.desktop: {} - joe.netbook: - options: [] - joe.no-valid: - present: false - banner: /etc/ssh/banner - banner_src: banner - banner_string: 'Welcome to example.net! -' - client: openssh-clients - client_version: latest - dig_pkg: bind-utils - dsa: - private_key: '-----BEGIN DSA PRIVATE KEY----- +values: + map_jinja: + config_get_roots: + - openssh + - sshd_config + - ssh_config + openssh: + absent_dsa_keys: false + absent_ecdsa_keys: false + absent_ed25519_keys: false + absent_rsa_keys: false + auth: + joe-non-valid-ssh-key: + - comment: obsolete key - removed + enc: ssh-rsa + present: false + source: salt://ssh_keys/joe.no-valid.pub + user: joe + joe-valid-ssh-key-desktop: + - comment: main key - desktop + enc: ssh-rsa + present: true + source: salt://ssh_keys/joe.desktop.pub + user: joe + joe-valid-ssh-key-notebook: + - comment: main key - notebook + enc: ssh-rsa + present: true + source: salt://ssh_keys/joe.netbook.pub + user: joe + auth_map: + personal_keys: + source: salt://ssh_keys + users: + joe: + joe.desktop: {} + joe.netbook: + options: [] + joe.no-valid: + present: false + banner: /etc/ssh/banner + banner_src: banner + banner_string: 'Welcome to example.net! + ' + client: openssh-clients + client_version: latest + dig_pkg: bind-utils + dsa: + private_key: '-----BEGIN DSA PRIVATE KEY----- - NOT_DEFINED + NOT_DEFINED - -----END DSA PRIVATE KEY----- -' - public_key: 'ssh-dss NOT_DEFINED -' - ecdsa: - private_key: '-----BEGIN EC PRIVATE KEY----- + -----END DSA PRIVATE KEY----- + ' + public_key: 'ssh-dss NOT_DEFINED + ' + ecdsa: + private_key: '-----BEGIN EC PRIVATE KEY----- - NOT_DEFINED + NOT_DEFINED - -----END EC PRIVATE KEY----- -' - public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED -' - ed25519: - private_key: '-----BEGIN OPENSSH PRIVATE KEY----- + -----END EC PRIVATE KEY----- + ' + public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED + ' + ed25519: + private_key: '-----BEGIN OPENSSH PRIVATE KEY----- - NOT_DEFINED + NOT_DEFINED - -----END OPENSSH PRIVATE KEY----- -' - public_key: 'ssh-ed25519 NOT_DEFINED -' - enforce_rsa_size: false - generate_dsa_keys: false - generate_ecdsa_keys: false - generate_ed25519_keys: false - generate_rsa_keys: false - generate_rsa_size: 4096 - host_key_algos: ecdsa,ed25519,rsa - known_hosts: - aliases: - - cname-to-minion.example.org - - alias.example.org - hostnames: false - include_localhost: false - mine_hostname_function: public_ssh_hostname - mine_keys_function: public_ssh_host_keys - omit_ip_address: - - github.com - salt_ssh: - public_ssh_host_keys: - minion.id: 'ssh-rsa [...] + -----END OPENSSH PRIVATE KEY----- + ' + public_key: 'ssh-ed25519 NOT_DEFINED + ' + enforce_rsa_size: false + generate_dsa_keys: false + generate_ecdsa_keys: false + generate_ed25519_keys: false + generate_rsa_keys: false + generate_rsa_size: 4096 + host_key_algos: ecdsa,ed25519,rsa + known_hosts: + aliases: + - cname-to-minion.example.org + - alias.example.org + hostnames: false + include_localhost: false + mine_hostname_function: public_ssh_hostname + mine_keys_function: public_ssh_host_keys + omit_ip_address: + - github.com + salt_ssh: + public_ssh_host_keys: + minion.id: 'ssh-rsa [...] - ssh-ed25519 [...] -' - public_ssh_host_names: - minion.id: - - minion.id - - alias.of.minion.id - user: salt-master - static: - github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...] - gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...] - target: '*' - tgt_type: glob - moduli: '# Time Type Tests Tries Size Generator Modulus + ssh-ed25519 [...] + ' + public_ssh_host_names: + minion.id: + - minion.id + - alias.of.minion.id + user: salt-master + static: + github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...] + gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...] + target: '*' + tgt_type: glob + moduli: '# Time Type Tests Tries Size Generator Modulus - 20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63 + 20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63 - 20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB + 20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB - 20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53 + 20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53 - 20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F -' - provide_dsa_keys: false - provide_ecdsa_keys: false - provide_ed25519_keys: false - provide_rsa_keys: false - root_group: root - rsa: - private_key: '-----BEGIN RSA PRIVATE KEY----- + 20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F + ' + provide_dsa_keys: false + provide_ecdsa_keys: false + provide_ed25519_keys: false + provide_rsa_keys: false + root_group: root + rsa: + private_key: '-----BEGIN RSA PRIVATE KEY----- - NOT_DEFINED + NOT_DEFINED - -----END RSA PRIVATE KEY----- -' - public_key: 'ssh-rsa NOT_DEFINED -' - server: openssh-server - server_version: latest - service: sshd - ssh_config: /etc/ssh/ssh_config - ssh_config_backup: true - ssh_config_group: root - ssh_config_mode: '644' - ssh_config_src: ssh_config - ssh_config_user: root - ssh_known_hosts: /etc/ssh/ssh_known_hosts - ssh_known_hosts_src: ssh_known_hosts - ssh_moduli: /etc/ssh/moduli - sshd_binary: /usr/sbin/sshd - sshd_config: /etc/ssh/sshd_config - sshd_config_backup: true - sshd_config_group: root - sshd_config_mode: '644' - sshd_config_src: sshd_config - sshd_config_user: root - sshd_enable: true - tofs: - source_files: - manage ssh_known_hosts file: - - alt_ssh_known_hosts - ssh_config: - - alt_ssh_config - sshd_banner: - - fire_banner - sshd_config: - - alt_sshd_config -ssh_config: - Hosts: - '*': - GSSAPIAuthentication: 'yes' - HashKnownHosts: 'yes' - SendEnv: LANG LC_* -sshd_config: - AcceptEnv: LANG LC_* - ChallengeResponseAuthentication: 'no' - PrintMotd: 'no' - Subsystem: sftp /usr/lib/openssh/sftp-server - UsePAM: 'yes' - X11Forwarding: 'yes' + -----END RSA PRIVATE KEY----- + ' + public_key: 'ssh-rsa NOT_DEFINED + ' + server: openssh-server + server_version: latest + service: sshd + ssh_config: /etc/ssh/ssh_config + ssh_config_backup: true + ssh_config_group: root + ssh_config_mode: '644' + ssh_config_src: ssh_config + ssh_config_user: root + ssh_known_hosts: /etc/ssh/ssh_known_hosts + ssh_known_hosts_src: ssh_known_hosts + ssh_moduli: /etc/ssh/moduli + sshd_binary: /usr/sbin/sshd + sshd_config: /etc/ssh/sshd_config + sshd_config_backup: true + sshd_config_group: root + sshd_config_mode: '644' + sshd_config_src: sshd_config + sshd_config_user: root + sshd_enable: true + tofs: + source_files: + manage ssh_known_hosts file: + - alt_ssh_known_hosts + ssh_config: + - alt_ssh_config + sshd_banner: + - fire_banner + sshd_config: + - alt_sshd_config + ssh_config: + Hosts: + '*': + GSSAPIAuthentication: 'yes' + HashKnownHosts: 'yes' + SendEnv: LANG LC_* + sshd_config: + AcceptEnv: LANG LC_* + ChallengeResponseAuthentication: 'no' + PrintMotd: 'no' + Subsystem: sftp /usr/lib/openssh/sftp-server + UsePAM: 'yes' + X11Forwarding: 'yes' diff --git a/test/integration/default/files/_mapdata/amazonlinux-2.yaml b/test/integration/default/files/_mapdata/amazonlinux-2.yaml index 17e0c9f..5311f2c 100644 --- a/test/integration/default/files/_mapdata/amazonlinux-2.yaml +++ b/test/integration/default/files/_mapdata/amazonlinux-2.yaml @@ -1,176 +1,177 @@ # yamllint disable rule:indentation rule:line-length # Amazon Linux-2 --- -map_jinja: - config_get_roots: - - openssh - - sshd_config - - ssh_config -openssh: - absent_dsa_keys: false - absent_ecdsa_keys: false - absent_ed25519_keys: false - absent_rsa_keys: false - auth: - joe-non-valid-ssh-key: - - comment: obsolete key - removed - enc: ssh-rsa - present: false - source: salt://ssh_keys/joe.no-valid.pub - user: joe - joe-valid-ssh-key-desktop: - - comment: main key - desktop - enc: ssh-rsa - present: true - source: salt://ssh_keys/joe.desktop.pub - user: joe - joe-valid-ssh-key-notebook: - - comment: main key - notebook - enc: ssh-rsa - present: true - source: salt://ssh_keys/joe.netbook.pub - user: joe - auth_map: - personal_keys: - source: salt://ssh_keys - users: - joe: - joe.desktop: {} - joe.netbook: - options: [] - joe.no-valid: - present: false - banner: /etc/ssh/banner - banner_src: banner - banner_string: 'Welcome to example.net! -' - client: openssh-clients - client_version: latest - dig_pkg: bind-utils - dsa: - private_key: '-----BEGIN DSA PRIVATE KEY----- +values: + map_jinja: + config_get_roots: + - openssh + - sshd_config + - ssh_config + openssh: + absent_dsa_keys: false + absent_ecdsa_keys: false + absent_ed25519_keys: false + absent_rsa_keys: false + auth: + joe-non-valid-ssh-key: + - comment: obsolete key - removed + enc: ssh-rsa + present: false + source: salt://ssh_keys/joe.no-valid.pub + user: joe + joe-valid-ssh-key-desktop: + - comment: main key - desktop + enc: ssh-rsa + present: true + source: salt://ssh_keys/joe.desktop.pub + user: joe + joe-valid-ssh-key-notebook: + - comment: main key - notebook + enc: ssh-rsa + present: true + source: salt://ssh_keys/joe.netbook.pub + user: joe + auth_map: + personal_keys: + source: salt://ssh_keys + users: + joe: + joe.desktop: {} + joe.netbook: + options: [] + joe.no-valid: + present: false + banner: /etc/ssh/banner + banner_src: banner + banner_string: 'Welcome to example.net! + ' + client: openssh-clients + client_version: latest + dig_pkg: bind-utils + dsa: + private_key: '-----BEGIN DSA PRIVATE KEY----- - NOT_DEFINED + NOT_DEFINED - -----END DSA PRIVATE KEY----- -' - public_key: 'ssh-dss NOT_DEFINED -' - ecdsa: - private_key: '-----BEGIN EC PRIVATE KEY----- + -----END DSA PRIVATE KEY----- + ' + public_key: 'ssh-dss NOT_DEFINED + ' + ecdsa: + private_key: '-----BEGIN EC PRIVATE KEY----- - NOT_DEFINED + NOT_DEFINED - -----END EC PRIVATE KEY----- -' - public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED -' - ed25519: - private_key: '-----BEGIN OPENSSH PRIVATE KEY----- + -----END EC PRIVATE KEY----- + ' + public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED + ' + ed25519: + private_key: '-----BEGIN OPENSSH PRIVATE KEY----- - NOT_DEFINED + NOT_DEFINED - -----END OPENSSH PRIVATE KEY----- -' - public_key: 'ssh-ed25519 NOT_DEFINED -' - enforce_rsa_size: false - generate_dsa_keys: false - generate_ecdsa_keys: false - generate_ed25519_keys: false - generate_rsa_keys: false - generate_rsa_size: 4096 - host_key_algos: ecdsa,ed25519,rsa - known_hosts: - aliases: - - cname-to-minion.example.org - - alias.example.org - hostnames: false - include_localhost: false - mine_hostname_function: public_ssh_hostname - mine_keys_function: public_ssh_host_keys - omit_ip_address: - - github.com - salt_ssh: - public_ssh_host_keys: - minion.id: 'ssh-rsa [...] + -----END OPENSSH PRIVATE KEY----- + ' + public_key: 'ssh-ed25519 NOT_DEFINED + ' + enforce_rsa_size: false + generate_dsa_keys: false + generate_ecdsa_keys: false + generate_ed25519_keys: false + generate_rsa_keys: false + generate_rsa_size: 4096 + host_key_algos: ecdsa,ed25519,rsa + known_hosts: + aliases: + - cname-to-minion.example.org + - alias.example.org + hostnames: false + include_localhost: false + mine_hostname_function: public_ssh_hostname + mine_keys_function: public_ssh_host_keys + omit_ip_address: + - github.com + salt_ssh: + public_ssh_host_keys: + minion.id: 'ssh-rsa [...] - ssh-ed25519 [...] -' - public_ssh_host_names: - minion.id: - - minion.id - - alias.of.minion.id - user: salt-master - static: - github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...] - gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...] - target: '*' - tgt_type: glob - moduli: '# Time Type Tests Tries Size Generator Modulus + ssh-ed25519 [...] + ' + public_ssh_host_names: + minion.id: + - minion.id + - alias.of.minion.id + user: salt-master + static: + github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...] + gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...] + target: '*' + tgt_type: glob + moduli: '# Time Type Tests Tries Size Generator Modulus - 20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63 + 20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63 - 20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB + 20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB - 20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53 + 20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53 - 20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F -' - provide_dsa_keys: false - provide_ecdsa_keys: false - provide_ed25519_keys: false - provide_rsa_keys: false - root_group: root - rsa: - private_key: '-----BEGIN RSA PRIVATE KEY----- + 20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F + ' + provide_dsa_keys: false + provide_ecdsa_keys: false + provide_ed25519_keys: false + provide_rsa_keys: false + root_group: root + rsa: + private_key: '-----BEGIN RSA PRIVATE KEY----- - NOT_DEFINED + NOT_DEFINED - -----END RSA PRIVATE KEY----- -' - public_key: 'ssh-rsa NOT_DEFINED -' - server: openssh-server - server_version: latest - service: sshd - ssh_config: /etc/ssh/ssh_config - ssh_config_backup: true - ssh_config_group: root - ssh_config_mode: '644' - ssh_config_src: ssh_config - ssh_config_user: root - ssh_known_hosts: /etc/ssh/ssh_known_hosts - ssh_known_hosts_src: ssh_known_hosts - ssh_moduli: /etc/ssh/moduli - sshd_binary: /usr/sbin/sshd - sshd_config: /etc/ssh/sshd_config - sshd_config_backup: true - sshd_config_group: root - sshd_config_mode: '644' - sshd_config_src: sshd_config - sshd_config_user: root - sshd_enable: true - tofs: - source_files: - manage ssh_known_hosts file: - - alt_ssh_known_hosts - ssh_config: - - alt_ssh_config - sshd_banner: - - fire_banner - sshd_config: - - alt_sshd_config -ssh_config: - Hosts: - '*': - GSSAPIAuthentication: 'yes' - HashKnownHosts: 'yes' - SendEnv: LANG LC_* -sshd_config: - AcceptEnv: LANG LC_* - ChallengeResponseAuthentication: 'no' - PrintMotd: 'no' - Subsystem: sftp /usr/lib/openssh/sftp-server - UsePAM: 'yes' - X11Forwarding: 'yes' + -----END RSA PRIVATE KEY----- + ' + public_key: 'ssh-rsa NOT_DEFINED + ' + server: openssh-server + server_version: latest + service: sshd + ssh_config: /etc/ssh/ssh_config + ssh_config_backup: true + ssh_config_group: root + ssh_config_mode: '644' + ssh_config_src: ssh_config + ssh_config_user: root + ssh_known_hosts: /etc/ssh/ssh_known_hosts + ssh_known_hosts_src: ssh_known_hosts + ssh_moduli: /etc/ssh/moduli + sshd_binary: /usr/sbin/sshd + sshd_config: /etc/ssh/sshd_config + sshd_config_backup: true + sshd_config_group: root + sshd_config_mode: '644' + sshd_config_src: sshd_config + sshd_config_user: root + sshd_enable: true + tofs: + source_files: + manage ssh_known_hosts file: + - alt_ssh_known_hosts + ssh_config: + - alt_ssh_config + sshd_banner: + - fire_banner + sshd_config: + - alt_sshd_config + ssh_config: + Hosts: + '*': + GSSAPIAuthentication: 'yes' + HashKnownHosts: 'yes' + SendEnv: LANG LC_* + sshd_config: + AcceptEnv: LANG LC_* + ChallengeResponseAuthentication: 'no' + PrintMotd: 'no' + Subsystem: sftp /usr/lib/openssh/sftp-server + UsePAM: 'yes' + X11Forwarding: 'yes' diff --git a/test/integration/default/files/_mapdata/arch-base-latest.yaml b/test/integration/default/files/_mapdata/arch-base-latest.yaml index 471eafb..8f62a0e 100644 --- a/test/integration/default/files/_mapdata/arch-base-latest.yaml +++ b/test/integration/default/files/_mapdata/arch-base-latest.yaml @@ -1,176 +1,177 @@ # yamllint disable rule:indentation rule:line-length # Arch --- -map_jinja: - config_get_roots: - - openssh - - sshd_config - - ssh_config -openssh: - absent_dsa_keys: false - absent_ecdsa_keys: false - absent_ed25519_keys: false - absent_rsa_keys: false - auth: - joe-non-valid-ssh-key: - - comment: obsolete key - removed - enc: ssh-rsa - present: false - source: salt://ssh_keys/joe.no-valid.pub - user: joe - joe-valid-ssh-key-desktop: - - comment: main key - desktop - enc: ssh-rsa - present: true - source: salt://ssh_keys/joe.desktop.pub - user: joe - joe-valid-ssh-key-notebook: - - comment: main key - notebook - enc: ssh-rsa - present: true - source: salt://ssh_keys/joe.netbook.pub - user: joe - auth_map: - personal_keys: - source: salt://ssh_keys - users: - joe: - joe.desktop: {} - joe.netbook: - options: [] - joe.no-valid: - present: false - banner: /etc/ssh/banner - banner_src: banner - banner_string: 'Welcome to example.net! -' - client: openssh - client_version: latest - dig_pkg: bind - dsa: - private_key: '-----BEGIN DSA PRIVATE KEY----- +values: + map_jinja: + config_get_roots: + - openssh + - sshd_config + - ssh_config + openssh: + absent_dsa_keys: false + absent_ecdsa_keys: false + absent_ed25519_keys: false + absent_rsa_keys: false + auth: + joe-non-valid-ssh-key: + - comment: obsolete key - removed + enc: ssh-rsa + present: false + source: salt://ssh_keys/joe.no-valid.pub + user: joe + joe-valid-ssh-key-desktop: + - comment: main key - desktop + enc: ssh-rsa + present: true + source: salt://ssh_keys/joe.desktop.pub + user: joe + joe-valid-ssh-key-notebook: + - comment: main key - notebook + enc: ssh-rsa + present: true + source: salt://ssh_keys/joe.netbook.pub + user: joe + auth_map: + personal_keys: + source: salt://ssh_keys + users: + joe: + joe.desktop: {} + joe.netbook: + options: [] + joe.no-valid: + present: false + banner: /etc/ssh/banner + banner_src: banner + banner_string: 'Welcome to example.net! + ' + client: openssh + client_version: latest + dig_pkg: bind + dsa: + private_key: '-----BEGIN DSA PRIVATE KEY----- - NOT_DEFINED + NOT_DEFINED - -----END DSA PRIVATE KEY----- -' - public_key: 'ssh-dss NOT_DEFINED -' - ecdsa: - private_key: '-----BEGIN EC PRIVATE KEY----- + -----END DSA PRIVATE KEY----- + ' + public_key: 'ssh-dss NOT_DEFINED + ' + ecdsa: + private_key: '-----BEGIN EC PRIVATE KEY----- - NOT_DEFINED + NOT_DEFINED - -----END EC PRIVATE KEY----- -' - public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED -' - ed25519: - private_key: '-----BEGIN OPENSSH PRIVATE KEY----- + -----END EC PRIVATE KEY----- + ' + public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED + ' + ed25519: + private_key: '-----BEGIN OPENSSH PRIVATE KEY----- - NOT_DEFINED + NOT_DEFINED - -----END OPENSSH PRIVATE KEY----- -' - public_key: 'ssh-ed25519 NOT_DEFINED -' - enforce_rsa_size: false - generate_dsa_keys: false - generate_ecdsa_keys: false - generate_ed25519_keys: false - generate_rsa_keys: false - generate_rsa_size: 4096 - host_key_algos: ecdsa,ed25519,rsa - known_hosts: - aliases: - - cname-to-minion.example.org - - alias.example.org - hostnames: false - include_localhost: false - mine_hostname_function: public_ssh_hostname - mine_keys_function: public_ssh_host_keys - omit_ip_address: - - github.com - salt_ssh: - public_ssh_host_keys: - minion.id: 'ssh-rsa [...] + -----END OPENSSH PRIVATE KEY----- + ' + public_key: 'ssh-ed25519 NOT_DEFINED + ' + enforce_rsa_size: false + generate_dsa_keys: false + generate_ecdsa_keys: false + generate_ed25519_keys: false + generate_rsa_keys: false + generate_rsa_size: 4096 + host_key_algos: ecdsa,ed25519,rsa + known_hosts: + aliases: + - cname-to-minion.example.org + - alias.example.org + hostnames: false + include_localhost: false + mine_hostname_function: public_ssh_hostname + mine_keys_function: public_ssh_host_keys + omit_ip_address: + - github.com + salt_ssh: + public_ssh_host_keys: + minion.id: 'ssh-rsa [...] - ssh-ed25519 [...] -' - public_ssh_host_names: - minion.id: - - minion.id - - alias.of.minion.id - user: salt-master - static: - github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...] - gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...] - target: '*' - tgt_type: glob - moduli: '# Time Type Tests Tries Size Generator Modulus + ssh-ed25519 [...] + ' + public_ssh_host_names: + minion.id: + - minion.id + - alias.of.minion.id + user: salt-master + static: + github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...] + gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...] + target: '*' + tgt_type: glob + moduli: '# Time Type Tests Tries Size Generator Modulus - 20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63 + 20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63 - 20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB + 20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB - 20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53 + 20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53 - 20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F -' - provide_dsa_keys: false - provide_ecdsa_keys: false - provide_ed25519_keys: false - provide_rsa_keys: false - root_group: root - rsa: - private_key: '-----BEGIN RSA PRIVATE KEY----- + 20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F + ' + provide_dsa_keys: false + provide_ecdsa_keys: false + provide_ed25519_keys: false + provide_rsa_keys: false + root_group: root + rsa: + private_key: '-----BEGIN RSA PRIVATE KEY----- - NOT_DEFINED + NOT_DEFINED - -----END RSA PRIVATE KEY----- -' - public_key: 'ssh-rsa NOT_DEFINED -' - server: openssh - server_version: latest - service: sshd - ssh_config: /etc/ssh/ssh_config - ssh_config_backup: true - ssh_config_group: root - ssh_config_mode: '644' - ssh_config_src: ssh_config - ssh_config_user: root - ssh_known_hosts: /etc/ssh/ssh_known_hosts - ssh_known_hosts_src: ssh_known_hosts - ssh_moduli: /etc/ssh/moduli - sshd_binary: /usr/sbin/sshd - sshd_config: /etc/ssh/sshd_config - sshd_config_backup: true - sshd_config_group: root - sshd_config_mode: '644' - sshd_config_src: sshd_config - sshd_config_user: root - sshd_enable: true - tofs: - source_files: - manage ssh_known_hosts file: - - alt_ssh_known_hosts - ssh_config: - - alt_ssh_config - sshd_banner: - - fire_banner - sshd_config: - - alt_sshd_config -ssh_config: - Hosts: - '*': - GSSAPIAuthentication: 'yes' - HashKnownHosts: 'yes' - SendEnv: LANG LC_* -sshd_config: - AcceptEnv: LANG LC_* - ChallengeResponseAuthentication: 'no' - PrintMotd: 'no' - Subsystem: sftp /usr/lib/openssh/sftp-server - UsePAM: 'yes' - X11Forwarding: 'yes' + -----END RSA PRIVATE KEY----- + ' + public_key: 'ssh-rsa NOT_DEFINED + ' + server: openssh + server_version: latest + service: sshd + ssh_config: /etc/ssh/ssh_config + ssh_config_backup: true + ssh_config_group: root + ssh_config_mode: '644' + ssh_config_src: ssh_config + ssh_config_user: root + ssh_known_hosts: /etc/ssh/ssh_known_hosts + ssh_known_hosts_src: ssh_known_hosts + ssh_moduli: /etc/ssh/moduli + sshd_binary: /usr/sbin/sshd + sshd_config: /etc/ssh/sshd_config + sshd_config_backup: true + sshd_config_group: root + sshd_config_mode: '644' + sshd_config_src: sshd_config + sshd_config_user: root + sshd_enable: true + tofs: + source_files: + manage ssh_known_hosts file: + - alt_ssh_known_hosts + ssh_config: + - alt_ssh_config + sshd_banner: + - fire_banner + sshd_config: + - alt_sshd_config + ssh_config: + Hosts: + '*': + GSSAPIAuthentication: 'yes' + HashKnownHosts: 'yes' + SendEnv: LANG LC_* + sshd_config: + AcceptEnv: LANG LC_* + ChallengeResponseAuthentication: 'no' + PrintMotd: 'no' + Subsystem: sftp /usr/lib/openssh/sftp-server + UsePAM: 'yes' + X11Forwarding: 'yes' diff --git a/test/integration/default/files/_mapdata/centos-6.yaml b/test/integration/default/files/_mapdata/centos-6.yaml index df92a76..1f88c5f 100644 --- a/test/integration/default/files/_mapdata/centos-6.yaml +++ b/test/integration/default/files/_mapdata/centos-6.yaml @@ -1,176 +1,177 @@ # yamllint disable rule:indentation rule:line-length # CentOS-6 --- -map_jinja: - config_get_roots: - - openssh - - sshd_config - - ssh_config -openssh: - absent_dsa_keys: false - absent_ecdsa_keys: false - absent_ed25519_keys: false - absent_rsa_keys: false - auth: - joe-non-valid-ssh-key: - - comment: obsolete key - removed - enc: ssh-rsa - present: false - source: salt://ssh_keys/joe.no-valid.pub - user: joe - joe-valid-ssh-key-desktop: - - comment: main key - desktop - enc: ssh-rsa - present: true - source: salt://ssh_keys/joe.desktop.pub - user: joe - joe-valid-ssh-key-notebook: - - comment: main key - notebook - enc: ssh-rsa - present: true - source: salt://ssh_keys/joe.netbook.pub - user: joe - auth_map: - personal_keys: - source: salt://ssh_keys - users: - joe: - joe.desktop: {} - joe.netbook: - options: [] - joe.no-valid: - present: false - banner: /etc/ssh/banner - banner_src: banner - banner_string: 'Welcome to example.net! -' - client: openssh-clients - client_version: latest - dig_pkg: bind-utils - dsa: - private_key: '-----BEGIN DSA PRIVATE KEY----- +values: + map_jinja: + config_get_roots: + - openssh + - sshd_config + - ssh_config + openssh: + absent_dsa_keys: false + absent_ecdsa_keys: false + absent_ed25519_keys: false + absent_rsa_keys: false + auth: + joe-non-valid-ssh-key: + - comment: obsolete key - removed + enc: ssh-rsa + present: false + source: salt://ssh_keys/joe.no-valid.pub + user: joe + joe-valid-ssh-key-desktop: + - comment: main key - desktop + enc: ssh-rsa + present: true + source: salt://ssh_keys/joe.desktop.pub + user: joe + joe-valid-ssh-key-notebook: + - comment: main key - notebook + enc: ssh-rsa + present: true + source: salt://ssh_keys/joe.netbook.pub + user: joe + auth_map: + personal_keys: + source: salt://ssh_keys + users: + joe: + joe.desktop: {} + joe.netbook: + options: [] + joe.no-valid: + present: false + banner: /etc/ssh/banner + banner_src: banner + banner_string: 'Welcome to example.net! + ' + client: openssh-clients + client_version: latest + dig_pkg: bind-utils + dsa: + private_key: '-----BEGIN DSA PRIVATE KEY----- - NOT_DEFINED + NOT_DEFINED - -----END DSA PRIVATE KEY----- -' - public_key: 'ssh-dss NOT_DEFINED -' - ecdsa: - private_key: '-----BEGIN EC PRIVATE KEY----- + -----END DSA PRIVATE KEY----- + ' + public_key: 'ssh-dss NOT_DEFINED + ' + ecdsa: + private_key: '-----BEGIN EC PRIVATE KEY----- - NOT_DEFINED + NOT_DEFINED - -----END EC PRIVATE KEY----- -' - public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED -' - ed25519: - private_key: '-----BEGIN OPENSSH PRIVATE KEY----- + -----END EC PRIVATE KEY----- + ' + public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED + ' + ed25519: + private_key: '-----BEGIN OPENSSH PRIVATE KEY----- - NOT_DEFINED + NOT_DEFINED - -----END OPENSSH PRIVATE KEY----- -' - public_key: 'ssh-ed25519 NOT_DEFINED -' - enforce_rsa_size: false - generate_dsa_keys: false - generate_ecdsa_keys: false - generate_ed25519_keys: false - generate_rsa_keys: false - generate_rsa_size: 4096 - host_key_algos: ecdsa,rsa - known_hosts: - aliases: - - cname-to-minion.example.org - - alias.example.org - hostnames: false - include_localhost: false - mine_hostname_function: public_ssh_hostname - mine_keys_function: public_ssh_host_keys - omit_ip_address: - - github.com - salt_ssh: - public_ssh_host_keys: - minion.id: 'ssh-rsa [...] + -----END OPENSSH PRIVATE KEY----- + ' + public_key: 'ssh-ed25519 NOT_DEFINED + ' + enforce_rsa_size: false + generate_dsa_keys: false + generate_ecdsa_keys: false + generate_ed25519_keys: false + generate_rsa_keys: false + generate_rsa_size: 4096 + host_key_algos: ecdsa,rsa + known_hosts: + aliases: + - cname-to-minion.example.org + - alias.example.org + hostnames: false + include_localhost: false + mine_hostname_function: public_ssh_hostname + mine_keys_function: public_ssh_host_keys + omit_ip_address: + - github.com + salt_ssh: + public_ssh_host_keys: + minion.id: 'ssh-rsa [...] - ssh-ed25519 [...] -' - public_ssh_host_names: - minion.id: - - minion.id - - alias.of.minion.id - user: salt-master - static: - github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...] - gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...] - target: '*' - tgt_type: glob - moduli: '# Time Type Tests Tries Size Generator Modulus + ssh-ed25519 [...] + ' + public_ssh_host_names: + minion.id: + - minion.id + - alias.of.minion.id + user: salt-master + static: + github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...] + gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...] + target: '*' + tgt_type: glob + moduli: '# Time Type Tests Tries Size Generator Modulus - 20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63 + 20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63 - 20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB + 20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB - 20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53 + 20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53 - 20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F -' - provide_dsa_keys: false - provide_ecdsa_keys: false - provide_ed25519_keys: false - provide_rsa_keys: false - root_group: root - rsa: - private_key: '-----BEGIN RSA PRIVATE KEY----- + 20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F + ' + provide_dsa_keys: false + provide_ecdsa_keys: false + provide_ed25519_keys: false + provide_rsa_keys: false + root_group: root + rsa: + private_key: '-----BEGIN RSA PRIVATE KEY----- - NOT_DEFINED + NOT_DEFINED - -----END RSA PRIVATE KEY----- -' - public_key: 'ssh-rsa NOT_DEFINED -' - server: openssh-server - server_version: latest - service: sshd - ssh_config: /etc/ssh/ssh_config - ssh_config_backup: true - ssh_config_group: root - ssh_config_mode: '644' - ssh_config_src: ssh_config - ssh_config_user: root - ssh_known_hosts: /etc/ssh/ssh_known_hosts - ssh_known_hosts_src: ssh_known_hosts - ssh_moduli: /etc/ssh/moduli - sshd_binary: /usr/sbin/sshd - sshd_config: /etc/ssh/sshd_config - sshd_config_backup: true - sshd_config_group: root - sshd_config_mode: '644' - sshd_config_src: sshd_config - sshd_config_user: root - sshd_enable: true - tofs: - source_files: - manage ssh_known_hosts file: - - alt_ssh_known_hosts - ssh_config: - - alt_ssh_config - sshd_banner: - - fire_banner - sshd_config: - - alt_sshd_config -ssh_config: - Hosts: - '*': - GSSAPIAuthentication: 'yes' - HashKnownHosts: 'yes' - SendEnv: LANG LC_* -sshd_config: - AcceptEnv: LANG LC_* - ChallengeResponseAuthentication: 'no' - PrintMotd: 'no' - Subsystem: sftp /usr/lib/openssh/sftp-server - UsePAM: 'yes' - X11Forwarding: 'yes' + -----END RSA PRIVATE KEY----- + ' + public_key: 'ssh-rsa NOT_DEFINED + ' + server: openssh-server + server_version: latest + service: sshd + ssh_config: /etc/ssh/ssh_config + ssh_config_backup: true + ssh_config_group: root + ssh_config_mode: '644' + ssh_config_src: ssh_config + ssh_config_user: root + ssh_known_hosts: /etc/ssh/ssh_known_hosts + ssh_known_hosts_src: ssh_known_hosts + ssh_moduli: /etc/ssh/moduli + sshd_binary: /usr/sbin/sshd + sshd_config: /etc/ssh/sshd_config + sshd_config_backup: true + sshd_config_group: root + sshd_config_mode: '644' + sshd_config_src: sshd_config + sshd_config_user: root + sshd_enable: true + tofs: + source_files: + manage ssh_known_hosts file: + - alt_ssh_known_hosts + ssh_config: + - alt_ssh_config + sshd_banner: + - fire_banner + sshd_config: + - alt_sshd_config + ssh_config: + Hosts: + '*': + GSSAPIAuthentication: 'yes' + HashKnownHosts: 'yes' + SendEnv: LANG LC_* + sshd_config: + AcceptEnv: LANG LC_* + ChallengeResponseAuthentication: 'no' + PrintMotd: 'no' + Subsystem: sftp /usr/lib/openssh/sftp-server + UsePAM: 'yes' + X11Forwarding: 'yes' diff --git a/test/integration/default/files/_mapdata/centos-7.yaml b/test/integration/default/files/_mapdata/centos-7.yaml index a9df180..dffc0a7 100644 --- a/test/integration/default/files/_mapdata/centos-7.yaml +++ b/test/integration/default/files/_mapdata/centos-7.yaml @@ -1,176 +1,177 @@ # yamllint disable rule:indentation rule:line-length # CentOS Linux-7 --- -map_jinja: - config_get_roots: - - openssh - - sshd_config - - ssh_config -openssh: - absent_dsa_keys: false - absent_ecdsa_keys: false - absent_ed25519_keys: false - absent_rsa_keys: false - auth: - joe-non-valid-ssh-key: - - comment: obsolete key - removed - enc: ssh-rsa - present: false - source: salt://ssh_keys/joe.no-valid.pub - user: joe - joe-valid-ssh-key-desktop: - - comment: main key - desktop - enc: ssh-rsa - present: true - source: salt://ssh_keys/joe.desktop.pub - user: joe - joe-valid-ssh-key-notebook: - - comment: main key - notebook - enc: ssh-rsa - present: true - source: salt://ssh_keys/joe.netbook.pub - user: joe - auth_map: - personal_keys: - source: salt://ssh_keys - users: - joe: - joe.desktop: {} - joe.netbook: - options: [] - joe.no-valid: - present: false - banner: /etc/ssh/banner - banner_src: banner - banner_string: 'Welcome to example.net! -' - client: openssh-clients - client_version: latest - dig_pkg: bind-utils - dsa: - private_key: '-----BEGIN DSA PRIVATE KEY----- +values: + map_jinja: + config_get_roots: + - openssh + - sshd_config + - ssh_config + openssh: + absent_dsa_keys: false + absent_ecdsa_keys: false + absent_ed25519_keys: false + absent_rsa_keys: false + auth: + joe-non-valid-ssh-key: + - comment: obsolete key - removed + enc: ssh-rsa + present: false + source: salt://ssh_keys/joe.no-valid.pub + user: joe + joe-valid-ssh-key-desktop: + - comment: main key - desktop + enc: ssh-rsa + present: true + source: salt://ssh_keys/joe.desktop.pub + user: joe + joe-valid-ssh-key-notebook: + - comment: main key - notebook + enc: ssh-rsa + present: true + source: salt://ssh_keys/joe.netbook.pub + user: joe + auth_map: + personal_keys: + source: salt://ssh_keys + users: + joe: + joe.desktop: {} + joe.netbook: + options: [] + joe.no-valid: + present: false + banner: /etc/ssh/banner + banner_src: banner + banner_string: 'Welcome to example.net! + ' + client: openssh-clients + client_version: latest + dig_pkg: bind-utils + dsa: + private_key: '-----BEGIN DSA PRIVATE KEY----- - NOT_DEFINED + NOT_DEFINED - -----END DSA PRIVATE KEY----- -' - public_key: 'ssh-dss NOT_DEFINED -' - ecdsa: - private_key: '-----BEGIN EC PRIVATE KEY----- + -----END DSA PRIVATE KEY----- + ' + public_key: 'ssh-dss NOT_DEFINED + ' + ecdsa: + private_key: '-----BEGIN EC PRIVATE KEY----- - NOT_DEFINED + NOT_DEFINED - -----END EC PRIVATE KEY----- -' - public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED -' - ed25519: - private_key: '-----BEGIN OPENSSH PRIVATE KEY----- + -----END EC PRIVATE KEY----- + ' + public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED + ' + ed25519: + private_key: '-----BEGIN OPENSSH PRIVATE KEY----- - NOT_DEFINED + NOT_DEFINED - -----END OPENSSH PRIVATE KEY----- -' - public_key: 'ssh-ed25519 NOT_DEFINED -' - enforce_rsa_size: false - generate_dsa_keys: false - generate_ecdsa_keys: false - generate_ed25519_keys: false - generate_rsa_keys: false - generate_rsa_size: 4096 - host_key_algos: ecdsa,ed25519,rsa - known_hosts: - aliases: - - cname-to-minion.example.org - - alias.example.org - hostnames: false - include_localhost: false - mine_hostname_function: public_ssh_hostname - mine_keys_function: public_ssh_host_keys - omit_ip_address: - - github.com - salt_ssh: - public_ssh_host_keys: - minion.id: 'ssh-rsa [...] + -----END OPENSSH PRIVATE KEY----- + ' + public_key: 'ssh-ed25519 NOT_DEFINED + ' + enforce_rsa_size: false + generate_dsa_keys: false + generate_ecdsa_keys: false + generate_ed25519_keys: false + generate_rsa_keys: false + generate_rsa_size: 4096 + host_key_algos: ecdsa,ed25519,rsa + known_hosts: + aliases: + - cname-to-minion.example.org + - alias.example.org + hostnames: false + include_localhost: false + mine_hostname_function: public_ssh_hostname + mine_keys_function: public_ssh_host_keys + omit_ip_address: + - github.com + salt_ssh: + public_ssh_host_keys: + minion.id: 'ssh-rsa [...] - ssh-ed25519 [...] -' - public_ssh_host_names: - minion.id: - - minion.id - - alias.of.minion.id - user: salt-master - static: - github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...] - gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...] - target: '*' - tgt_type: glob - moduli: '# Time Type Tests Tries Size Generator Modulus + ssh-ed25519 [...] + ' + public_ssh_host_names: + minion.id: + - minion.id + - alias.of.minion.id + user: salt-master + static: + github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...] + gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...] + target: '*' + tgt_type: glob + moduli: '# Time Type Tests Tries Size Generator Modulus - 20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63 + 20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63 - 20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB + 20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB - 20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53 + 20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53 - 20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F -' - provide_dsa_keys: false - provide_ecdsa_keys: false - provide_ed25519_keys: false - provide_rsa_keys: false - root_group: root - rsa: - private_key: '-----BEGIN RSA PRIVATE KEY----- + 20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F + ' + provide_dsa_keys: false + provide_ecdsa_keys: false + provide_ed25519_keys: false + provide_rsa_keys: false + root_group: root + rsa: + private_key: '-----BEGIN RSA PRIVATE KEY----- - NOT_DEFINED + NOT_DEFINED - -----END RSA PRIVATE KEY----- -' - public_key: 'ssh-rsa NOT_DEFINED -' - server: openssh-server - server_version: latest - service: sshd - ssh_config: /etc/ssh/ssh_config - ssh_config_backup: true - ssh_config_group: root - ssh_config_mode: '644' - ssh_config_src: ssh_config - ssh_config_user: root - ssh_known_hosts: /etc/ssh/ssh_known_hosts - ssh_known_hosts_src: ssh_known_hosts - ssh_moduli: /etc/ssh/moduli - sshd_binary: /usr/sbin/sshd - sshd_config: /etc/ssh/sshd_config - sshd_config_backup: true - sshd_config_group: root - sshd_config_mode: '644' - sshd_config_src: sshd_config - sshd_config_user: root - sshd_enable: true - tofs: - source_files: - manage ssh_known_hosts file: - - alt_ssh_known_hosts - ssh_config: - - alt_ssh_config - sshd_banner: - - fire_banner - sshd_config: - - alt_sshd_config -ssh_config: - Hosts: - '*': - GSSAPIAuthentication: 'yes' - HashKnownHosts: 'yes' - SendEnv: LANG LC_* -sshd_config: - AcceptEnv: LANG LC_* - ChallengeResponseAuthentication: 'no' - PrintMotd: 'no' - Subsystem: sftp /usr/lib/openssh/sftp-server - UsePAM: 'yes' - X11Forwarding: 'yes' + -----END RSA PRIVATE KEY----- + ' + public_key: 'ssh-rsa NOT_DEFINED + ' + server: openssh-server + server_version: latest + service: sshd + ssh_config: /etc/ssh/ssh_config + ssh_config_backup: true + ssh_config_group: root + ssh_config_mode: '644' + ssh_config_src: ssh_config + ssh_config_user: root + ssh_known_hosts: /etc/ssh/ssh_known_hosts + ssh_known_hosts_src: ssh_known_hosts + ssh_moduli: /etc/ssh/moduli + sshd_binary: /usr/sbin/sshd + sshd_config: /etc/ssh/sshd_config + sshd_config_backup: true + sshd_config_group: root + sshd_config_mode: '644' + sshd_config_src: sshd_config + sshd_config_user: root + sshd_enable: true + tofs: + source_files: + manage ssh_known_hosts file: + - alt_ssh_known_hosts + ssh_config: + - alt_ssh_config + sshd_banner: + - fire_banner + sshd_config: + - alt_sshd_config + ssh_config: + Hosts: + '*': + GSSAPIAuthentication: 'yes' + HashKnownHosts: 'yes' + SendEnv: LANG LC_* + sshd_config: + AcceptEnv: LANG LC_* + ChallengeResponseAuthentication: 'no' + PrintMotd: 'no' + Subsystem: sftp /usr/lib/openssh/sftp-server + UsePAM: 'yes' + X11Forwarding: 'yes' diff --git a/test/integration/default/files/_mapdata/centos-8.yaml b/test/integration/default/files/_mapdata/centos-8.yaml index f125f56..d3ea759 100644 --- a/test/integration/default/files/_mapdata/centos-8.yaml +++ b/test/integration/default/files/_mapdata/centos-8.yaml @@ -1,176 +1,177 @@ # yamllint disable rule:indentation rule:line-length # CentOS Linux-8 --- -map_jinja: - config_get_roots: - - openssh - - sshd_config - - ssh_config -openssh: - absent_dsa_keys: false - absent_ecdsa_keys: false - absent_ed25519_keys: false - absent_rsa_keys: false - auth: - joe-non-valid-ssh-key: - - comment: obsolete key - removed - enc: ssh-rsa - present: false - source: salt://ssh_keys/joe.no-valid.pub - user: joe - joe-valid-ssh-key-desktop: - - comment: main key - desktop - enc: ssh-rsa - present: true - source: salt://ssh_keys/joe.desktop.pub - user: joe - joe-valid-ssh-key-notebook: - - comment: main key - notebook - enc: ssh-rsa - present: true - source: salt://ssh_keys/joe.netbook.pub - user: joe - auth_map: - personal_keys: - source: salt://ssh_keys - users: - joe: - joe.desktop: {} - joe.netbook: - options: [] - joe.no-valid: - present: false - banner: /etc/ssh/banner - banner_src: banner - banner_string: 'Welcome to example.net! -' - client: openssh-clients - client_version: latest - dig_pkg: bind-utils - dsa: - private_key: '-----BEGIN DSA PRIVATE KEY----- +values: + map_jinja: + config_get_roots: + - openssh + - sshd_config + - ssh_config + openssh: + absent_dsa_keys: false + absent_ecdsa_keys: false + absent_ed25519_keys: false + absent_rsa_keys: false + auth: + joe-non-valid-ssh-key: + - comment: obsolete key - removed + enc: ssh-rsa + present: false + source: salt://ssh_keys/joe.no-valid.pub + user: joe + joe-valid-ssh-key-desktop: + - comment: main key - desktop + enc: ssh-rsa + present: true + source: salt://ssh_keys/joe.desktop.pub + user: joe + joe-valid-ssh-key-notebook: + - comment: main key - notebook + enc: ssh-rsa + present: true + source: salt://ssh_keys/joe.netbook.pub + user: joe + auth_map: + personal_keys: + source: salt://ssh_keys + users: + joe: + joe.desktop: {} + joe.netbook: + options: [] + joe.no-valid: + present: false + banner: /etc/ssh/banner + banner_src: banner + banner_string: 'Welcome to example.net! + ' + client: openssh-clients + client_version: latest + dig_pkg: bind-utils + dsa: + private_key: '-----BEGIN DSA PRIVATE KEY----- - NOT_DEFINED + NOT_DEFINED - -----END DSA PRIVATE KEY----- -' - public_key: 'ssh-dss NOT_DEFINED -' - ecdsa: - private_key: '-----BEGIN EC PRIVATE KEY----- + -----END DSA PRIVATE KEY----- + ' + public_key: 'ssh-dss NOT_DEFINED + ' + ecdsa: + private_key: '-----BEGIN EC PRIVATE KEY----- - NOT_DEFINED + NOT_DEFINED - -----END EC PRIVATE KEY----- -' - public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED -' - ed25519: - private_key: '-----BEGIN OPENSSH PRIVATE KEY----- + -----END EC PRIVATE KEY----- + ' + public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED + ' + ed25519: + private_key: '-----BEGIN OPENSSH PRIVATE KEY----- - NOT_DEFINED + NOT_DEFINED - -----END OPENSSH PRIVATE KEY----- -' - public_key: 'ssh-ed25519 NOT_DEFINED -' - enforce_rsa_size: false - generate_dsa_keys: false - generate_ecdsa_keys: false - generate_ed25519_keys: false - generate_rsa_keys: false - generate_rsa_size: 4096 - host_key_algos: ecdsa,ed25519,rsa - known_hosts: - aliases: - - cname-to-minion.example.org - - alias.example.org - hostnames: false - include_localhost: false - mine_hostname_function: public_ssh_hostname - mine_keys_function: public_ssh_host_keys - omit_ip_address: - - github.com - salt_ssh: - public_ssh_host_keys: - minion.id: 'ssh-rsa [...] + -----END OPENSSH PRIVATE KEY----- + ' + public_key: 'ssh-ed25519 NOT_DEFINED + ' + enforce_rsa_size: false + generate_dsa_keys: false + generate_ecdsa_keys: false + generate_ed25519_keys: false + generate_rsa_keys: false + generate_rsa_size: 4096 + host_key_algos: ecdsa,ed25519,rsa + known_hosts: + aliases: + - cname-to-minion.example.org + - alias.example.org + hostnames: false + include_localhost: false + mine_hostname_function: public_ssh_hostname + mine_keys_function: public_ssh_host_keys + omit_ip_address: + - github.com + salt_ssh: + public_ssh_host_keys: + minion.id: 'ssh-rsa [...] - ssh-ed25519 [...] -' - public_ssh_host_names: - minion.id: - - minion.id - - alias.of.minion.id - user: salt-master - static: - github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...] - gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...] - target: '*' - tgt_type: glob - moduli: '# Time Type Tests Tries Size Generator Modulus + ssh-ed25519 [...] + ' + public_ssh_host_names: + minion.id: + - minion.id + - alias.of.minion.id + user: salt-master + static: + github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...] + gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...] + target: '*' + tgt_type: glob + moduli: '# Time Type Tests Tries Size Generator Modulus - 20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63 + 20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63 - 20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB + 20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB - 20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53 + 20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53 - 20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F -' - provide_dsa_keys: false - provide_ecdsa_keys: false - provide_ed25519_keys: false - provide_rsa_keys: false - root_group: root - rsa: - private_key: '-----BEGIN RSA PRIVATE KEY----- + 20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F + ' + provide_dsa_keys: false + provide_ecdsa_keys: false + provide_ed25519_keys: false + provide_rsa_keys: false + root_group: root + rsa: + private_key: '-----BEGIN RSA PRIVATE KEY----- - NOT_DEFINED + NOT_DEFINED - -----END RSA PRIVATE KEY----- -' - public_key: 'ssh-rsa NOT_DEFINED -' - server: openssh-server - server_version: latest - service: sshd - ssh_config: /etc/ssh/ssh_config - ssh_config_backup: true - ssh_config_group: root - ssh_config_mode: '644' - ssh_config_src: ssh_config - ssh_config_user: root - ssh_known_hosts: /etc/ssh/ssh_known_hosts - ssh_known_hosts_src: ssh_known_hosts - ssh_moduli: /etc/ssh/moduli - sshd_binary: /usr/sbin/sshd - sshd_config: /etc/ssh/sshd_config - sshd_config_backup: true - sshd_config_group: root - sshd_config_mode: '644' - sshd_config_src: sshd_config - sshd_config_user: root - sshd_enable: true - tofs: - source_files: - manage ssh_known_hosts file: - - alt_ssh_known_hosts - ssh_config: - - alt_ssh_config - sshd_banner: - - fire_banner - sshd_config: - - alt_sshd_config -ssh_config: - Hosts: - '*': - GSSAPIAuthentication: 'yes' - HashKnownHosts: 'yes' - SendEnv: LANG LC_* -sshd_config: - AcceptEnv: LANG LC_* - ChallengeResponseAuthentication: 'no' - PrintMotd: 'no' - Subsystem: sftp /usr/lib/openssh/sftp-server - UsePAM: 'yes' - X11Forwarding: 'yes' + -----END RSA PRIVATE KEY----- + ' + public_key: 'ssh-rsa NOT_DEFINED + ' + server: openssh-server + server_version: latest + service: sshd + ssh_config: /etc/ssh/ssh_config + ssh_config_backup: true + ssh_config_group: root + ssh_config_mode: '644' + ssh_config_src: ssh_config + ssh_config_user: root + ssh_known_hosts: /etc/ssh/ssh_known_hosts + ssh_known_hosts_src: ssh_known_hosts + ssh_moduli: /etc/ssh/moduli + sshd_binary: /usr/sbin/sshd + sshd_config: /etc/ssh/sshd_config + sshd_config_backup: true + sshd_config_group: root + sshd_config_mode: '644' + sshd_config_src: sshd_config + sshd_config_user: root + sshd_enable: true + tofs: + source_files: + manage ssh_known_hosts file: + - alt_ssh_known_hosts + ssh_config: + - alt_ssh_config + sshd_banner: + - fire_banner + sshd_config: + - alt_sshd_config + ssh_config: + Hosts: + '*': + GSSAPIAuthentication: 'yes' + HashKnownHosts: 'yes' + SendEnv: LANG LC_* + sshd_config: + AcceptEnv: LANG LC_* + ChallengeResponseAuthentication: 'no' + PrintMotd: 'no' + Subsystem: sftp /usr/lib/openssh/sftp-server + UsePAM: 'yes' + X11Forwarding: 'yes' diff --git a/test/integration/default/files/_mapdata/debian-10.yaml b/test/integration/default/files/_mapdata/debian-10.yaml index 7c93e85..bc3bcc0 100644 --- a/test/integration/default/files/_mapdata/debian-10.yaml +++ b/test/integration/default/files/_mapdata/debian-10.yaml @@ -1,176 +1,177 @@ # yamllint disable rule:indentation rule:line-length # Debian-10 --- -map_jinja: - config_get_roots: - - openssh - - sshd_config - - ssh_config -openssh: - absent_dsa_keys: false - absent_ecdsa_keys: false - absent_ed25519_keys: false - absent_rsa_keys: false - auth: - joe-non-valid-ssh-key: - - comment: obsolete key - removed - enc: ssh-rsa - present: false - source: salt://ssh_keys/joe.no-valid.pub - user: joe - joe-valid-ssh-key-desktop: - - comment: main key - desktop - enc: ssh-rsa - present: true - source: salt://ssh_keys/joe.desktop.pub - user: joe - joe-valid-ssh-key-notebook: - - comment: main key - notebook - enc: ssh-rsa - present: true - source: salt://ssh_keys/joe.netbook.pub - user: joe - auth_map: - personal_keys: - source: salt://ssh_keys - users: - joe: - joe.desktop: {} - joe.netbook: - options: [] - joe.no-valid: - present: false - banner: /etc/ssh/banner - banner_src: banner - banner_string: 'Welcome to example.net! -' - client: openssh-client - client_version: latest - dig_pkg: dnsutils - dsa: - private_key: '-----BEGIN DSA PRIVATE KEY----- +values: + map_jinja: + config_get_roots: + - openssh + - sshd_config + - ssh_config + openssh: + absent_dsa_keys: false + absent_ecdsa_keys: false + absent_ed25519_keys: false + absent_rsa_keys: false + auth: + joe-non-valid-ssh-key: + - comment: obsolete key - removed + enc: ssh-rsa + present: false + source: salt://ssh_keys/joe.no-valid.pub + user: joe + joe-valid-ssh-key-desktop: + - comment: main key - desktop + enc: ssh-rsa + present: true + source: salt://ssh_keys/joe.desktop.pub + user: joe + joe-valid-ssh-key-notebook: + - comment: main key - notebook + enc: ssh-rsa + present: true + source: salt://ssh_keys/joe.netbook.pub + user: joe + auth_map: + personal_keys: + source: salt://ssh_keys + users: + joe: + joe.desktop: {} + joe.netbook: + options: [] + joe.no-valid: + present: false + banner: /etc/ssh/banner + banner_src: banner + banner_string: 'Welcome to example.net! + ' + client: openssh-client + client_version: latest + dig_pkg: dnsutils + dsa: + private_key: '-----BEGIN DSA PRIVATE KEY----- - NOT_DEFINED + NOT_DEFINED - -----END DSA PRIVATE KEY----- -' - public_key: 'ssh-dss NOT_DEFINED -' - ecdsa: - private_key: '-----BEGIN EC PRIVATE KEY----- + -----END DSA PRIVATE KEY----- + ' + public_key: 'ssh-dss NOT_DEFINED + ' + ecdsa: + private_key: '-----BEGIN EC PRIVATE KEY----- - NOT_DEFINED + NOT_DEFINED - -----END EC PRIVATE KEY----- -' - public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED -' - ed25519: - private_key: '-----BEGIN OPENSSH PRIVATE KEY----- + -----END EC PRIVATE KEY----- + ' + public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED + ' + ed25519: + private_key: '-----BEGIN OPENSSH PRIVATE KEY----- - NOT_DEFINED + NOT_DEFINED - -----END OPENSSH PRIVATE KEY----- -' - public_key: 'ssh-ed25519 NOT_DEFINED -' - enforce_rsa_size: false - generate_dsa_keys: false - generate_ecdsa_keys: false - generate_ed25519_keys: false - generate_rsa_keys: false - generate_rsa_size: 4096 - host_key_algos: ecdsa,ed25519,rsa - known_hosts: - aliases: - - cname-to-minion.example.org - - alias.example.org - hostnames: false - include_localhost: false - mine_hostname_function: public_ssh_hostname - mine_keys_function: public_ssh_host_keys - omit_ip_address: - - github.com - salt_ssh: - public_ssh_host_keys: - minion.id: 'ssh-rsa [...] + -----END OPENSSH PRIVATE KEY----- + ' + public_key: 'ssh-ed25519 NOT_DEFINED + ' + enforce_rsa_size: false + generate_dsa_keys: false + generate_ecdsa_keys: false + generate_ed25519_keys: false + generate_rsa_keys: false + generate_rsa_size: 4096 + host_key_algos: ecdsa,ed25519,rsa + known_hosts: + aliases: + - cname-to-minion.example.org + - alias.example.org + hostnames: false + include_localhost: false + mine_hostname_function: public_ssh_hostname + mine_keys_function: public_ssh_host_keys + omit_ip_address: + - github.com + salt_ssh: + public_ssh_host_keys: + minion.id: 'ssh-rsa [...] - ssh-ed25519 [...] -' - public_ssh_host_names: - minion.id: - - minion.id - - alias.of.minion.id - user: salt-master - static: - github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...] - gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...] - target: '*' - tgt_type: glob - moduli: '# Time Type Tests Tries Size Generator Modulus + ssh-ed25519 [...] + ' + public_ssh_host_names: + minion.id: + - minion.id + - alias.of.minion.id + user: salt-master + static: + github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...] + gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...] + target: '*' + tgt_type: glob + moduli: '# Time Type Tests Tries Size Generator Modulus - 20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63 + 20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63 - 20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB + 20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB - 20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53 + 20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53 - 20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F -' - provide_dsa_keys: false - provide_ecdsa_keys: false - provide_ed25519_keys: false - provide_rsa_keys: false - root_group: root - rsa: - private_key: '-----BEGIN RSA PRIVATE KEY----- + 20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F + ' + provide_dsa_keys: false + provide_ecdsa_keys: false + provide_ed25519_keys: false + provide_rsa_keys: false + root_group: root + rsa: + private_key: '-----BEGIN RSA PRIVATE KEY----- - NOT_DEFINED + NOT_DEFINED - -----END RSA PRIVATE KEY----- -' - public_key: 'ssh-rsa NOT_DEFINED -' - server: openssh-server - server_version: latest - service: ssh - ssh_config: /etc/ssh/ssh_config - ssh_config_backup: true - ssh_config_group: root - ssh_config_mode: '644' - ssh_config_src: ssh_config - ssh_config_user: root - ssh_known_hosts: /etc/ssh/ssh_known_hosts - ssh_known_hosts_src: ssh_known_hosts - ssh_moduli: /etc/ssh/moduli - sshd_binary: /usr/sbin/sshd - sshd_config: /etc/ssh/sshd_config - sshd_config_backup: true - sshd_config_group: root - sshd_config_mode: '644' - sshd_config_src: sshd_config - sshd_config_user: root - sshd_enable: true - tofs: - source_files: - manage ssh_known_hosts file: - - alt_ssh_known_hosts - ssh_config: - - alt_ssh_config - sshd_banner: - - fire_banner - sshd_config: - - alt_sshd_config -ssh_config: - Hosts: - '*': - GSSAPIAuthentication: 'yes' - HashKnownHosts: 'yes' - SendEnv: LANG LC_* -sshd_config: - AcceptEnv: LANG LC_* - ChallengeResponseAuthentication: 'no' - PrintMotd: 'no' - Subsystem: sftp /usr/lib/openssh/sftp-server - UsePAM: 'yes' - X11Forwarding: 'yes' + -----END RSA PRIVATE KEY----- + ' + public_key: 'ssh-rsa NOT_DEFINED + ' + server: openssh-server + server_version: latest + service: ssh + ssh_config: /etc/ssh/ssh_config + ssh_config_backup: true + ssh_config_group: root + ssh_config_mode: '644' + ssh_config_src: ssh_config + ssh_config_user: root + ssh_known_hosts: /etc/ssh/ssh_known_hosts + ssh_known_hosts_src: ssh_known_hosts + ssh_moduli: /etc/ssh/moduli + sshd_binary: /usr/sbin/sshd + sshd_config: /etc/ssh/sshd_config + sshd_config_backup: true + sshd_config_group: root + sshd_config_mode: '644' + sshd_config_src: sshd_config + sshd_config_user: root + sshd_enable: true + tofs: + source_files: + manage ssh_known_hosts file: + - alt_ssh_known_hosts + ssh_config: + - alt_ssh_config + sshd_banner: + - fire_banner + sshd_config: + - alt_sshd_config + ssh_config: + Hosts: + '*': + GSSAPIAuthentication: 'yes' + HashKnownHosts: 'yes' + SendEnv: LANG LC_* + sshd_config: + AcceptEnv: LANG LC_* + ChallengeResponseAuthentication: 'no' + PrintMotd: 'no' + Subsystem: sftp /usr/lib/openssh/sftp-server + UsePAM: 'yes' + X11Forwarding: 'yes' diff --git a/test/integration/default/files/_mapdata/debian-9.yaml b/test/integration/default/files/_mapdata/debian-9.yaml index 9dd8a08..185dae0 100644 --- a/test/integration/default/files/_mapdata/debian-9.yaml +++ b/test/integration/default/files/_mapdata/debian-9.yaml @@ -1,176 +1,177 @@ # yamllint disable rule:indentation rule:line-length # Debian-9 --- -map_jinja: - config_get_roots: - - openssh - - sshd_config - - ssh_config -openssh: - absent_dsa_keys: false - absent_ecdsa_keys: false - absent_ed25519_keys: false - absent_rsa_keys: false - auth: - joe-non-valid-ssh-key: - - comment: obsolete key - removed - enc: ssh-rsa - present: false - source: salt://ssh_keys/joe.no-valid.pub - user: joe - joe-valid-ssh-key-desktop: - - comment: main key - desktop - enc: ssh-rsa - present: true - source: salt://ssh_keys/joe.desktop.pub - user: joe - joe-valid-ssh-key-notebook: - - comment: main key - notebook - enc: ssh-rsa - present: true - source: salt://ssh_keys/joe.netbook.pub - user: joe - auth_map: - personal_keys: - source: salt://ssh_keys - users: - joe: - joe.desktop: {} - joe.netbook: - options: [] - joe.no-valid: - present: false - banner: /etc/ssh/banner - banner_src: banner - banner_string: 'Welcome to example.net! -' - client: openssh-client - client_version: latest - dig_pkg: dnsutils - dsa: - private_key: '-----BEGIN DSA PRIVATE KEY----- +values: + map_jinja: + config_get_roots: + - openssh + - sshd_config + - ssh_config + openssh: + absent_dsa_keys: false + absent_ecdsa_keys: false + absent_ed25519_keys: false + absent_rsa_keys: false + auth: + joe-non-valid-ssh-key: + - comment: obsolete key - removed + enc: ssh-rsa + present: false + source: salt://ssh_keys/joe.no-valid.pub + user: joe + joe-valid-ssh-key-desktop: + - comment: main key - desktop + enc: ssh-rsa + present: true + source: salt://ssh_keys/joe.desktop.pub + user: joe + joe-valid-ssh-key-notebook: + - comment: main key - notebook + enc: ssh-rsa + present: true + source: salt://ssh_keys/joe.netbook.pub + user: joe + auth_map: + personal_keys: + source: salt://ssh_keys + users: + joe: + joe.desktop: {} + joe.netbook: + options: [] + joe.no-valid: + present: false + banner: /etc/ssh/banner + banner_src: banner + banner_string: 'Welcome to example.net! + ' + client: openssh-client + client_version: latest + dig_pkg: dnsutils + dsa: + private_key: '-----BEGIN DSA PRIVATE KEY----- - NOT_DEFINED + NOT_DEFINED - -----END DSA PRIVATE KEY----- -' - public_key: 'ssh-dss NOT_DEFINED -' - ecdsa: - private_key: '-----BEGIN EC PRIVATE KEY----- + -----END DSA PRIVATE KEY----- + ' + public_key: 'ssh-dss NOT_DEFINED + ' + ecdsa: + private_key: '-----BEGIN EC PRIVATE KEY----- - NOT_DEFINED + NOT_DEFINED - -----END EC PRIVATE KEY----- -' - public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED -' - ed25519: - private_key: '-----BEGIN OPENSSH PRIVATE KEY----- + -----END EC PRIVATE KEY----- + ' + public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED + ' + ed25519: + private_key: '-----BEGIN OPENSSH PRIVATE KEY----- - NOT_DEFINED + NOT_DEFINED - -----END OPENSSH PRIVATE KEY----- -' - public_key: 'ssh-ed25519 NOT_DEFINED -' - enforce_rsa_size: false - generate_dsa_keys: false - generate_ecdsa_keys: false - generate_ed25519_keys: false - generate_rsa_keys: false - generate_rsa_size: 4096 - host_key_algos: ecdsa,ed25519,rsa - known_hosts: - aliases: - - cname-to-minion.example.org - - alias.example.org - hostnames: false - include_localhost: false - mine_hostname_function: public_ssh_hostname - mine_keys_function: public_ssh_host_keys - omit_ip_address: - - github.com - salt_ssh: - public_ssh_host_keys: - minion.id: 'ssh-rsa [...] + -----END OPENSSH PRIVATE KEY----- + ' + public_key: 'ssh-ed25519 NOT_DEFINED + ' + enforce_rsa_size: false + generate_dsa_keys: false + generate_ecdsa_keys: false + generate_ed25519_keys: false + generate_rsa_keys: false + generate_rsa_size: 4096 + host_key_algos: ecdsa,ed25519,rsa + known_hosts: + aliases: + - cname-to-minion.example.org + - alias.example.org + hostnames: false + include_localhost: false + mine_hostname_function: public_ssh_hostname + mine_keys_function: public_ssh_host_keys + omit_ip_address: + - github.com + salt_ssh: + public_ssh_host_keys: + minion.id: 'ssh-rsa [...] - ssh-ed25519 [...] -' - public_ssh_host_names: - minion.id: - - minion.id - - alias.of.minion.id - user: salt-master - static: - github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...] - gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...] - target: '*' - tgt_type: glob - moduli: '# Time Type Tests Tries Size Generator Modulus + ssh-ed25519 [...] + ' + public_ssh_host_names: + minion.id: + - minion.id + - alias.of.minion.id + user: salt-master + static: + github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...] + gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...] + target: '*' + tgt_type: glob + moduli: '# Time Type Tests Tries Size Generator Modulus - 20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63 + 20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63 - 20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB + 20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB - 20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53 + 20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53 - 20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F -' - provide_dsa_keys: false - provide_ecdsa_keys: false - provide_ed25519_keys: false - provide_rsa_keys: false - root_group: root - rsa: - private_key: '-----BEGIN RSA PRIVATE KEY----- + 20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F + ' + provide_dsa_keys: false + provide_ecdsa_keys: false + provide_ed25519_keys: false + provide_rsa_keys: false + root_group: root + rsa: + private_key: '-----BEGIN RSA PRIVATE KEY----- - NOT_DEFINED + NOT_DEFINED - -----END RSA PRIVATE KEY----- -' - public_key: 'ssh-rsa NOT_DEFINED -' - server: openssh-server - server_version: latest - service: ssh - ssh_config: /etc/ssh/ssh_config - ssh_config_backup: true - ssh_config_group: root - ssh_config_mode: '644' - ssh_config_src: ssh_config - ssh_config_user: root - ssh_known_hosts: /etc/ssh/ssh_known_hosts - ssh_known_hosts_src: ssh_known_hosts - ssh_moduli: /etc/ssh/moduli - sshd_binary: /usr/sbin/sshd - sshd_config: /etc/ssh/sshd_config - sshd_config_backup: true - sshd_config_group: root - sshd_config_mode: '644' - sshd_config_src: sshd_config - sshd_config_user: root - sshd_enable: true - tofs: - source_files: - manage ssh_known_hosts file: - - alt_ssh_known_hosts - ssh_config: - - alt_ssh_config - sshd_banner: - - fire_banner - sshd_config: - - alt_sshd_config -ssh_config: - Hosts: - '*': - GSSAPIAuthentication: 'yes' - HashKnownHosts: 'yes' - SendEnv: LANG LC_* -sshd_config: - AcceptEnv: LANG LC_* - ChallengeResponseAuthentication: 'no' - PrintMotd: 'no' - Subsystem: sftp /usr/lib/openssh/sftp-server - UsePAM: 'yes' - X11Forwarding: 'yes' + -----END RSA PRIVATE KEY----- + ' + public_key: 'ssh-rsa NOT_DEFINED + ' + server: openssh-server + server_version: latest + service: ssh + ssh_config: /etc/ssh/ssh_config + ssh_config_backup: true + ssh_config_group: root + ssh_config_mode: '644' + ssh_config_src: ssh_config + ssh_config_user: root + ssh_known_hosts: /etc/ssh/ssh_known_hosts + ssh_known_hosts_src: ssh_known_hosts + ssh_moduli: /etc/ssh/moduli + sshd_binary: /usr/sbin/sshd + sshd_config: /etc/ssh/sshd_config + sshd_config_backup: true + sshd_config_group: root + sshd_config_mode: '644' + sshd_config_src: sshd_config + sshd_config_user: root + sshd_enable: true + tofs: + source_files: + manage ssh_known_hosts file: + - alt_ssh_known_hosts + ssh_config: + - alt_ssh_config + sshd_banner: + - fire_banner + sshd_config: + - alt_sshd_config + ssh_config: + Hosts: + '*': + GSSAPIAuthentication: 'yes' + HashKnownHosts: 'yes' + SendEnv: LANG LC_* + sshd_config: + AcceptEnv: LANG LC_* + ChallengeResponseAuthentication: 'no' + PrintMotd: 'no' + Subsystem: sftp /usr/lib/openssh/sftp-server + UsePAM: 'yes' + X11Forwarding: 'yes' diff --git a/test/integration/default/files/_mapdata/fedora-31.yaml b/test/integration/default/files/_mapdata/fedora-31.yaml index caebd27..53bd782 100644 --- a/test/integration/default/files/_mapdata/fedora-31.yaml +++ b/test/integration/default/files/_mapdata/fedora-31.yaml @@ -1,176 +1,177 @@ # yamllint disable rule:indentation rule:line-length # Fedora-31 --- -map_jinja: - config_get_roots: - - openssh - - sshd_config - - ssh_config -openssh: - absent_dsa_keys: false - absent_ecdsa_keys: false - absent_ed25519_keys: false - absent_rsa_keys: false - auth: - joe-non-valid-ssh-key: - - comment: obsolete key - removed - enc: ssh-rsa - present: false - source: salt://ssh_keys/joe.no-valid.pub - user: joe - joe-valid-ssh-key-desktop: - - comment: main key - desktop - enc: ssh-rsa - present: true - source: salt://ssh_keys/joe.desktop.pub - user: joe - joe-valid-ssh-key-notebook: - - comment: main key - notebook - enc: ssh-rsa - present: true - source: salt://ssh_keys/joe.netbook.pub - user: joe - auth_map: - personal_keys: - source: salt://ssh_keys - users: - joe: - joe.desktop: {} - joe.netbook: - options: [] - joe.no-valid: - present: false - banner: /etc/ssh/banner - banner_src: banner - banner_string: 'Welcome to example.net! -' - client: openssh-clients - client_version: latest - dig_pkg: bind-utils - dsa: - private_key: '-----BEGIN DSA PRIVATE KEY----- +values: + map_jinja: + config_get_roots: + - openssh + - sshd_config + - ssh_config + openssh: + absent_dsa_keys: false + absent_ecdsa_keys: false + absent_ed25519_keys: false + absent_rsa_keys: false + auth: + joe-non-valid-ssh-key: + - comment: obsolete key - removed + enc: ssh-rsa + present: false + source: salt://ssh_keys/joe.no-valid.pub + user: joe + joe-valid-ssh-key-desktop: + - comment: main key - desktop + enc: ssh-rsa + present: true + source: salt://ssh_keys/joe.desktop.pub + user: joe + joe-valid-ssh-key-notebook: + - comment: main key - notebook + enc: ssh-rsa + present: true + source: salt://ssh_keys/joe.netbook.pub + user: joe + auth_map: + personal_keys: + source: salt://ssh_keys + users: + joe: + joe.desktop: {} + joe.netbook: + options: [] + joe.no-valid: + present: false + banner: /etc/ssh/banner + banner_src: banner + banner_string: 'Welcome to example.net! + ' + client: openssh-clients + client_version: latest + dig_pkg: bind-utils + dsa: + private_key: '-----BEGIN DSA PRIVATE KEY----- - NOT_DEFINED + NOT_DEFINED - -----END DSA PRIVATE KEY----- -' - public_key: 'ssh-dss NOT_DEFINED -' - ecdsa: - private_key: '-----BEGIN EC PRIVATE KEY----- + -----END DSA PRIVATE KEY----- + ' + public_key: 'ssh-dss NOT_DEFINED + ' + ecdsa: + private_key: '-----BEGIN EC PRIVATE KEY----- - NOT_DEFINED + NOT_DEFINED - -----END EC PRIVATE KEY----- -' - public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED -' - ed25519: - private_key: '-----BEGIN OPENSSH PRIVATE KEY----- + -----END EC PRIVATE KEY----- + ' + public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED + ' + ed25519: + private_key: '-----BEGIN OPENSSH PRIVATE KEY----- - NOT_DEFINED + NOT_DEFINED - -----END OPENSSH PRIVATE KEY----- -' - public_key: 'ssh-ed25519 NOT_DEFINED -' - enforce_rsa_size: false - generate_dsa_keys: false - generate_ecdsa_keys: false - generate_ed25519_keys: false - generate_rsa_keys: false - generate_rsa_size: 4096 - host_key_algos: ecdsa,ed25519,rsa - known_hosts: - aliases: - - cname-to-minion.example.org - - alias.example.org - hostnames: false - include_localhost: false - mine_hostname_function: public_ssh_hostname - mine_keys_function: public_ssh_host_keys - omit_ip_address: - - github.com - salt_ssh: - public_ssh_host_keys: - minion.id: 'ssh-rsa [...] + -----END OPENSSH PRIVATE KEY----- + ' + public_key: 'ssh-ed25519 NOT_DEFINED + ' + enforce_rsa_size: false + generate_dsa_keys: false + generate_ecdsa_keys: false + generate_ed25519_keys: false + generate_rsa_keys: false + generate_rsa_size: 4096 + host_key_algos: ecdsa,ed25519,rsa + known_hosts: + aliases: + - cname-to-minion.example.org + - alias.example.org + hostnames: false + include_localhost: false + mine_hostname_function: public_ssh_hostname + mine_keys_function: public_ssh_host_keys + omit_ip_address: + - github.com + salt_ssh: + public_ssh_host_keys: + minion.id: 'ssh-rsa [...] - ssh-ed25519 [...] -' - public_ssh_host_names: - minion.id: - - minion.id - - alias.of.minion.id - user: salt-master - static: - github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...] - gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...] - target: '*' - tgt_type: glob - moduli: '# Time Type Tests Tries Size Generator Modulus + ssh-ed25519 [...] + ' + public_ssh_host_names: + minion.id: + - minion.id + - alias.of.minion.id + user: salt-master + static: + github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...] + gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...] + target: '*' + tgt_type: glob + moduli: '# Time Type Tests Tries Size Generator Modulus - 20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63 + 20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63 - 20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB + 20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB - 20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53 + 20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53 - 20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F -' - provide_dsa_keys: false - provide_ecdsa_keys: false - provide_ed25519_keys: false - provide_rsa_keys: false - root_group: root - rsa: - private_key: '-----BEGIN RSA PRIVATE KEY----- + 20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F + ' + provide_dsa_keys: false + provide_ecdsa_keys: false + provide_ed25519_keys: false + provide_rsa_keys: false + root_group: root + rsa: + private_key: '-----BEGIN RSA PRIVATE KEY----- - NOT_DEFINED + NOT_DEFINED - -----END RSA PRIVATE KEY----- -' - public_key: 'ssh-rsa NOT_DEFINED -' - server: openssh-server - server_version: latest - service: sshd - ssh_config: /etc/ssh/ssh_config - ssh_config_backup: true - ssh_config_group: root - ssh_config_mode: '644' - ssh_config_src: ssh_config - ssh_config_user: root - ssh_known_hosts: /etc/ssh/ssh_known_hosts - ssh_known_hosts_src: ssh_known_hosts - ssh_moduli: /etc/ssh/moduli - sshd_binary: /usr/sbin/sshd - sshd_config: /etc/ssh/sshd_config - sshd_config_backup: true - sshd_config_group: root - sshd_config_mode: '644' - sshd_config_src: sshd_config - sshd_config_user: root - sshd_enable: true - tofs: - source_files: - manage ssh_known_hosts file: - - alt_ssh_known_hosts - ssh_config: - - alt_ssh_config - sshd_banner: - - fire_banner - sshd_config: - - alt_sshd_config -ssh_config: - Hosts: - '*': - GSSAPIAuthentication: 'yes' - HashKnownHosts: 'yes' - SendEnv: LANG LC_* -sshd_config: - AcceptEnv: LANG LC_* - ChallengeResponseAuthentication: 'no' - PrintMotd: 'no' - Subsystem: sftp /usr/lib/openssh/sftp-server - UsePAM: 'yes' - X11Forwarding: 'yes' + -----END RSA PRIVATE KEY----- + ' + public_key: 'ssh-rsa NOT_DEFINED + ' + server: openssh-server + server_version: latest + service: sshd + ssh_config: /etc/ssh/ssh_config + ssh_config_backup: true + ssh_config_group: root + ssh_config_mode: '644' + ssh_config_src: ssh_config + ssh_config_user: root + ssh_known_hosts: /etc/ssh/ssh_known_hosts + ssh_known_hosts_src: ssh_known_hosts + ssh_moduli: /etc/ssh/moduli + sshd_binary: /usr/sbin/sshd + sshd_config: /etc/ssh/sshd_config + sshd_config_backup: true + sshd_config_group: root + sshd_config_mode: '644' + sshd_config_src: sshd_config + sshd_config_user: root + sshd_enable: true + tofs: + source_files: + manage ssh_known_hosts file: + - alt_ssh_known_hosts + ssh_config: + - alt_ssh_config + sshd_banner: + - fire_banner + sshd_config: + - alt_sshd_config + ssh_config: + Hosts: + '*': + GSSAPIAuthentication: 'yes' + HashKnownHosts: 'yes' + SendEnv: LANG LC_* + sshd_config: + AcceptEnv: LANG LC_* + ChallengeResponseAuthentication: 'no' + PrintMotd: 'no' + Subsystem: sftp /usr/lib/openssh/sftp-server + UsePAM: 'yes' + X11Forwarding: 'yes' diff --git a/test/integration/default/files/_mapdata/fedora-32.yaml b/test/integration/default/files/_mapdata/fedora-32.yaml index 3a50629..eedcbd5 100644 --- a/test/integration/default/files/_mapdata/fedora-32.yaml +++ b/test/integration/default/files/_mapdata/fedora-32.yaml @@ -1,176 +1,177 @@ # yamllint disable rule:indentation rule:line-length # Fedora-32 --- -map_jinja: - config_get_roots: - - openssh - - sshd_config - - ssh_config -openssh: - absent_dsa_keys: false - absent_ecdsa_keys: false - absent_ed25519_keys: false - absent_rsa_keys: false - auth: - joe-non-valid-ssh-key: - - comment: obsolete key - removed - enc: ssh-rsa - present: false - source: salt://ssh_keys/joe.no-valid.pub - user: joe - joe-valid-ssh-key-desktop: - - comment: main key - desktop - enc: ssh-rsa - present: true - source: salt://ssh_keys/joe.desktop.pub - user: joe - joe-valid-ssh-key-notebook: - - comment: main key - notebook - enc: ssh-rsa - present: true - source: salt://ssh_keys/joe.netbook.pub - user: joe - auth_map: - personal_keys: - source: salt://ssh_keys - users: - joe: - joe.desktop: {} - joe.netbook: - options: [] - joe.no-valid: - present: false - banner: /etc/ssh/banner - banner_src: banner - banner_string: 'Welcome to example.net! -' - client: openssh-clients - client_version: latest - dig_pkg: bind-utils - dsa: - private_key: '-----BEGIN DSA PRIVATE KEY----- +values: + map_jinja: + config_get_roots: + - openssh + - sshd_config + - ssh_config + openssh: + absent_dsa_keys: false + absent_ecdsa_keys: false + absent_ed25519_keys: false + absent_rsa_keys: false + auth: + joe-non-valid-ssh-key: + - comment: obsolete key - removed + enc: ssh-rsa + present: false + source: salt://ssh_keys/joe.no-valid.pub + user: joe + joe-valid-ssh-key-desktop: + - comment: main key - desktop + enc: ssh-rsa + present: true + source: salt://ssh_keys/joe.desktop.pub + user: joe + joe-valid-ssh-key-notebook: + - comment: main key - notebook + enc: ssh-rsa + present: true + source: salt://ssh_keys/joe.netbook.pub + user: joe + auth_map: + personal_keys: + source: salt://ssh_keys + users: + joe: + joe.desktop: {} + joe.netbook: + options: [] + joe.no-valid: + present: false + banner: /etc/ssh/banner + banner_src: banner + banner_string: 'Welcome to example.net! + ' + client: openssh-clients + client_version: latest + dig_pkg: bind-utils + dsa: + private_key: '-----BEGIN DSA PRIVATE KEY----- - NOT_DEFINED + NOT_DEFINED - -----END DSA PRIVATE KEY----- -' - public_key: 'ssh-dss NOT_DEFINED -' - ecdsa: - private_key: '-----BEGIN EC PRIVATE KEY----- + -----END DSA PRIVATE KEY----- + ' + public_key: 'ssh-dss NOT_DEFINED + ' + ecdsa: + private_key: '-----BEGIN EC PRIVATE KEY----- - NOT_DEFINED + NOT_DEFINED - -----END EC PRIVATE KEY----- -' - public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED -' - ed25519: - private_key: '-----BEGIN OPENSSH PRIVATE KEY----- + -----END EC PRIVATE KEY----- + ' + public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED + ' + ed25519: + private_key: '-----BEGIN OPENSSH PRIVATE KEY----- - NOT_DEFINED + NOT_DEFINED - -----END OPENSSH PRIVATE KEY----- -' - public_key: 'ssh-ed25519 NOT_DEFINED -' - enforce_rsa_size: false - generate_dsa_keys: false - generate_ecdsa_keys: false - generate_ed25519_keys: false - generate_rsa_keys: false - generate_rsa_size: 4096 - host_key_algos: ecdsa,ed25519,rsa - known_hosts: - aliases: - - cname-to-minion.example.org - - alias.example.org - hostnames: false - include_localhost: false - mine_hostname_function: public_ssh_hostname - mine_keys_function: public_ssh_host_keys - omit_ip_address: - - github.com - salt_ssh: - public_ssh_host_keys: - minion.id: 'ssh-rsa [...] + -----END OPENSSH PRIVATE KEY----- + ' + public_key: 'ssh-ed25519 NOT_DEFINED + ' + enforce_rsa_size: false + generate_dsa_keys: false + generate_ecdsa_keys: false + generate_ed25519_keys: false + generate_rsa_keys: false + generate_rsa_size: 4096 + host_key_algos: ecdsa,ed25519,rsa + known_hosts: + aliases: + - cname-to-minion.example.org + - alias.example.org + hostnames: false + include_localhost: false + mine_hostname_function: public_ssh_hostname + mine_keys_function: public_ssh_host_keys + omit_ip_address: + - github.com + salt_ssh: + public_ssh_host_keys: + minion.id: 'ssh-rsa [...] - ssh-ed25519 [...] -' - public_ssh_host_names: - minion.id: - - minion.id - - alias.of.minion.id - user: salt-master - static: - github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...] - gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...] - target: '*' - tgt_type: glob - moduli: '# Time Type Tests Tries Size Generator Modulus + ssh-ed25519 [...] + ' + public_ssh_host_names: + minion.id: + - minion.id + - alias.of.minion.id + user: salt-master + static: + github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...] + gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...] + target: '*' + tgt_type: glob + moduli: '# Time Type Tests Tries Size Generator Modulus - 20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63 + 20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63 - 20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB + 20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB - 20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53 + 20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53 - 20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F -' - provide_dsa_keys: false - provide_ecdsa_keys: false - provide_ed25519_keys: false - provide_rsa_keys: false - root_group: root - rsa: - private_key: '-----BEGIN RSA PRIVATE KEY----- + 20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F + ' + provide_dsa_keys: false + provide_ecdsa_keys: false + provide_ed25519_keys: false + provide_rsa_keys: false + root_group: root + rsa: + private_key: '-----BEGIN RSA PRIVATE KEY----- - NOT_DEFINED + NOT_DEFINED - -----END RSA PRIVATE KEY----- -' - public_key: 'ssh-rsa NOT_DEFINED -' - server: openssh-server - server_version: latest - service: sshd - ssh_config: /etc/ssh/ssh_config - ssh_config_backup: true - ssh_config_group: root - ssh_config_mode: '644' - ssh_config_src: ssh_config - ssh_config_user: root - ssh_known_hosts: /etc/ssh/ssh_known_hosts - ssh_known_hosts_src: ssh_known_hosts - ssh_moduli: /etc/ssh/moduli - sshd_binary: /usr/sbin/sshd - sshd_config: /etc/ssh/sshd_config - sshd_config_backup: true - sshd_config_group: root - sshd_config_mode: '644' - sshd_config_src: sshd_config - sshd_config_user: root - sshd_enable: true - tofs: - source_files: - manage ssh_known_hosts file: - - alt_ssh_known_hosts - ssh_config: - - alt_ssh_config - sshd_banner: - - fire_banner - sshd_config: - - alt_sshd_config -ssh_config: - Hosts: - '*': - GSSAPIAuthentication: 'yes' - HashKnownHosts: 'yes' - SendEnv: LANG LC_* -sshd_config: - AcceptEnv: LANG LC_* - ChallengeResponseAuthentication: 'no' - PrintMotd: 'no' - Subsystem: sftp /usr/lib/openssh/sftp-server - UsePAM: 'yes' - X11Forwarding: 'yes' + -----END RSA PRIVATE KEY----- + ' + public_key: 'ssh-rsa NOT_DEFINED + ' + server: openssh-server + server_version: latest + service: sshd + ssh_config: /etc/ssh/ssh_config + ssh_config_backup: true + ssh_config_group: root + ssh_config_mode: '644' + ssh_config_src: ssh_config + ssh_config_user: root + ssh_known_hosts: /etc/ssh/ssh_known_hosts + ssh_known_hosts_src: ssh_known_hosts + ssh_moduli: /etc/ssh/moduli + sshd_binary: /usr/sbin/sshd + sshd_config: /etc/ssh/sshd_config + sshd_config_backup: true + sshd_config_group: root + sshd_config_mode: '644' + sshd_config_src: sshd_config + sshd_config_user: root + sshd_enable: true + tofs: + source_files: + manage ssh_known_hosts file: + - alt_ssh_known_hosts + ssh_config: + - alt_ssh_config + sshd_banner: + - fire_banner + sshd_config: + - alt_sshd_config + ssh_config: + Hosts: + '*': + GSSAPIAuthentication: 'yes' + HashKnownHosts: 'yes' + SendEnv: LANG LC_* + sshd_config: + AcceptEnv: LANG LC_* + ChallengeResponseAuthentication: 'no' + PrintMotd: 'no' + Subsystem: sftp /usr/lib/openssh/sftp-server + UsePAM: 'yes' + X11Forwarding: 'yes' diff --git a/test/integration/default/files/_mapdata/opensuse-15.yaml b/test/integration/default/files/_mapdata/opensuse-15.yaml index 4e25e10..5c7f1b1 100644 --- a/test/integration/default/files/_mapdata/opensuse-15.yaml +++ b/test/integration/default/files/_mapdata/opensuse-15.yaml @@ -1,176 +1,177 @@ # yamllint disable rule:indentation rule:line-length # Leap-15 --- -map_jinja: - config_get_roots: - - openssh - - sshd_config - - ssh_config -openssh: - absent_dsa_keys: false - absent_ecdsa_keys: false - absent_ed25519_keys: false - absent_rsa_keys: false - auth: - joe-non-valid-ssh-key: - - comment: obsolete key - removed - enc: ssh-rsa - present: false - source: salt://ssh_keys/joe.no-valid.pub - user: joe - joe-valid-ssh-key-desktop: - - comment: main key - desktop - enc: ssh-rsa - present: true - source: salt://ssh_keys/joe.desktop.pub - user: joe - joe-valid-ssh-key-notebook: - - comment: main key - notebook - enc: ssh-rsa - present: true - source: salt://ssh_keys/joe.netbook.pub - user: joe - auth_map: - personal_keys: - source: salt://ssh_keys - users: - joe: - joe.desktop: {} - joe.netbook: - options: [] - joe.no-valid: - present: false - banner: /etc/ssh/banner - banner_src: banner - banner_string: 'Welcome to example.net! -' - client: openssh - client_version: latest - dig_pkg: bind-utils - dsa: - private_key: '-----BEGIN DSA PRIVATE KEY----- +values: + map_jinja: + config_get_roots: + - openssh + - sshd_config + - ssh_config + openssh: + absent_dsa_keys: false + absent_ecdsa_keys: false + absent_ed25519_keys: false + absent_rsa_keys: false + auth: + joe-non-valid-ssh-key: + - comment: obsolete key - removed + enc: ssh-rsa + present: false + source: salt://ssh_keys/joe.no-valid.pub + user: joe + joe-valid-ssh-key-desktop: + - comment: main key - desktop + enc: ssh-rsa + present: true + source: salt://ssh_keys/joe.desktop.pub + user: joe + joe-valid-ssh-key-notebook: + - comment: main key - notebook + enc: ssh-rsa + present: true + source: salt://ssh_keys/joe.netbook.pub + user: joe + auth_map: + personal_keys: + source: salt://ssh_keys + users: + joe: + joe.desktop: {} + joe.netbook: + options: [] + joe.no-valid: + present: false + banner: /etc/ssh/banner + banner_src: banner + banner_string: 'Welcome to example.net! + ' + client: openssh + client_version: latest + dig_pkg: bind-utils + dsa: + private_key: '-----BEGIN DSA PRIVATE KEY----- - NOT_DEFINED + NOT_DEFINED - -----END DSA PRIVATE KEY----- -' - public_key: 'ssh-dss NOT_DEFINED -' - ecdsa: - private_key: '-----BEGIN EC PRIVATE KEY----- + -----END DSA PRIVATE KEY----- + ' + public_key: 'ssh-dss NOT_DEFINED + ' + ecdsa: + private_key: '-----BEGIN EC PRIVATE KEY----- - NOT_DEFINED + NOT_DEFINED - -----END EC PRIVATE KEY----- -' - public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED -' - ed25519: - private_key: '-----BEGIN OPENSSH PRIVATE KEY----- + -----END EC PRIVATE KEY----- + ' + public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED + ' + ed25519: + private_key: '-----BEGIN OPENSSH PRIVATE KEY----- - NOT_DEFINED + NOT_DEFINED - -----END OPENSSH PRIVATE KEY----- -' - public_key: 'ssh-ed25519 NOT_DEFINED -' - enforce_rsa_size: false - generate_dsa_keys: false - generate_ecdsa_keys: false - generate_ed25519_keys: false - generate_rsa_keys: false - generate_rsa_size: 4096 - host_key_algos: ecdsa,ed25519,rsa - known_hosts: - aliases: - - cname-to-minion.example.org - - alias.example.org - hostnames: false - include_localhost: false - mine_hostname_function: public_ssh_hostname - mine_keys_function: public_ssh_host_keys - omit_ip_address: - - github.com - salt_ssh: - public_ssh_host_keys: - minion.id: 'ssh-rsa [...] + -----END OPENSSH PRIVATE KEY----- + ' + public_key: 'ssh-ed25519 NOT_DEFINED + ' + enforce_rsa_size: false + generate_dsa_keys: false + generate_ecdsa_keys: false + generate_ed25519_keys: false + generate_rsa_keys: false + generate_rsa_size: 4096 + host_key_algos: ecdsa,ed25519,rsa + known_hosts: + aliases: + - cname-to-minion.example.org + - alias.example.org + hostnames: false + include_localhost: false + mine_hostname_function: public_ssh_hostname + mine_keys_function: public_ssh_host_keys + omit_ip_address: + - github.com + salt_ssh: + public_ssh_host_keys: + minion.id: 'ssh-rsa [...] - ssh-ed25519 [...] -' - public_ssh_host_names: - minion.id: - - minion.id - - alias.of.minion.id - user: salt-master - static: - github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...] - gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...] - target: '*' - tgt_type: glob - moduli: '# Time Type Tests Tries Size Generator Modulus + ssh-ed25519 [...] + ' + public_ssh_host_names: + minion.id: + - minion.id + - alias.of.minion.id + user: salt-master + static: + github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...] + gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...] + target: '*' + tgt_type: glob + moduli: '# Time Type Tests Tries Size Generator Modulus - 20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63 + 20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63 - 20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB + 20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB - 20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53 + 20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53 - 20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F -' - provide_dsa_keys: false - provide_ecdsa_keys: false - provide_ed25519_keys: false - provide_rsa_keys: false - root_group: root - rsa: - private_key: '-----BEGIN RSA PRIVATE KEY----- + 20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F + ' + provide_dsa_keys: false + provide_ecdsa_keys: false + provide_ed25519_keys: false + provide_rsa_keys: false + root_group: root + rsa: + private_key: '-----BEGIN RSA PRIVATE KEY----- - NOT_DEFINED + NOT_DEFINED - -----END RSA PRIVATE KEY----- -' - public_key: 'ssh-rsa NOT_DEFINED -' - server: openssh - server_version: latest - service: sshd - ssh_config: /etc/ssh/ssh_config - ssh_config_backup: true - ssh_config_group: root - ssh_config_mode: '644' - ssh_config_src: ssh_config - ssh_config_user: root - ssh_known_hosts: /etc/ssh/ssh_known_hosts - ssh_known_hosts_src: ssh_known_hosts - ssh_moduli: /etc/ssh/moduli - sshd_binary: /usr/sbin/sshd - sshd_config: /etc/ssh/sshd_config - sshd_config_backup: true - sshd_config_group: root - sshd_config_mode: '644' - sshd_config_src: sshd_config - sshd_config_user: root - sshd_enable: true - tofs: - source_files: - manage ssh_known_hosts file: - - alt_ssh_known_hosts - ssh_config: - - alt_ssh_config - sshd_banner: - - fire_banner - sshd_config: - - alt_sshd_config -ssh_config: - Hosts: - '*': - GSSAPIAuthentication: 'yes' - HashKnownHosts: 'yes' - SendEnv: LANG LC_* -sshd_config: - AcceptEnv: LANG LC_* - ChallengeResponseAuthentication: 'no' - PrintMotd: 'no' - Subsystem: sftp /usr/lib/openssh/sftp-server - UsePAM: 'yes' - X11Forwarding: 'yes' + -----END RSA PRIVATE KEY----- + ' + public_key: 'ssh-rsa NOT_DEFINED + ' + server: openssh + server_version: latest + service: sshd + ssh_config: /etc/ssh/ssh_config + ssh_config_backup: true + ssh_config_group: root + ssh_config_mode: '644' + ssh_config_src: ssh_config + ssh_config_user: root + ssh_known_hosts: /etc/ssh/ssh_known_hosts + ssh_known_hosts_src: ssh_known_hosts + ssh_moduli: /etc/ssh/moduli + sshd_binary: /usr/sbin/sshd + sshd_config: /etc/ssh/sshd_config + sshd_config_backup: true + sshd_config_group: root + sshd_config_mode: '644' + sshd_config_src: sshd_config + sshd_config_user: root + sshd_enable: true + tofs: + source_files: + manage ssh_known_hosts file: + - alt_ssh_known_hosts + ssh_config: + - alt_ssh_config + sshd_banner: + - fire_banner + sshd_config: + - alt_sshd_config + ssh_config: + Hosts: + '*': + GSSAPIAuthentication: 'yes' + HashKnownHosts: 'yes' + SendEnv: LANG LC_* + sshd_config: + AcceptEnv: LANG LC_* + ChallengeResponseAuthentication: 'no' + PrintMotd: 'no' + Subsystem: sftp /usr/lib/openssh/sftp-server + UsePAM: 'yes' + X11Forwarding: 'yes' diff --git a/test/integration/default/files/_mapdata/ubuntu-16.yaml b/test/integration/default/files/_mapdata/ubuntu-16.yaml index 7124114..268bc13 100644 --- a/test/integration/default/files/_mapdata/ubuntu-16.yaml +++ b/test/integration/default/files/_mapdata/ubuntu-16.yaml @@ -1,176 +1,177 @@ # yamllint disable rule:indentation rule:line-length # Ubuntu-16.04 --- -map_jinja: - config_get_roots: - - openssh - - sshd_config - - ssh_config -openssh: - absent_dsa_keys: false - absent_ecdsa_keys: false - absent_ed25519_keys: false - absent_rsa_keys: false - auth: - joe-non-valid-ssh-key: - - comment: obsolete key - removed - enc: ssh-rsa - present: false - source: salt://ssh_keys/joe.no-valid.pub - user: joe - joe-valid-ssh-key-desktop: - - comment: main key - desktop - enc: ssh-rsa - present: true - source: salt://ssh_keys/joe.desktop.pub - user: joe - joe-valid-ssh-key-notebook: - - comment: main key - notebook - enc: ssh-rsa - present: true - source: salt://ssh_keys/joe.netbook.pub - user: joe - auth_map: - personal_keys: - source: salt://ssh_keys - users: - joe: - joe.desktop: {} - joe.netbook: - options: [] - joe.no-valid: - present: false - banner: /etc/ssh/banner - banner_src: banner - banner_string: 'Welcome to example.net! -' - client: openssh-client - client_version: latest - dig_pkg: dnsutils - dsa: - private_key: '-----BEGIN DSA PRIVATE KEY----- +values: + map_jinja: + config_get_roots: + - openssh + - sshd_config + - ssh_config + openssh: + absent_dsa_keys: false + absent_ecdsa_keys: false + absent_ed25519_keys: false + absent_rsa_keys: false + auth: + joe-non-valid-ssh-key: + - comment: obsolete key - removed + enc: ssh-rsa + present: false + source: salt://ssh_keys/joe.no-valid.pub + user: joe + joe-valid-ssh-key-desktop: + - comment: main key - desktop + enc: ssh-rsa + present: true + source: salt://ssh_keys/joe.desktop.pub + user: joe + joe-valid-ssh-key-notebook: + - comment: main key - notebook + enc: ssh-rsa + present: true + source: salt://ssh_keys/joe.netbook.pub + user: joe + auth_map: + personal_keys: + source: salt://ssh_keys + users: + joe: + joe.desktop: {} + joe.netbook: + options: [] + joe.no-valid: + present: false + banner: /etc/ssh/banner + banner_src: banner + banner_string: 'Welcome to example.net! + ' + client: openssh-client + client_version: latest + dig_pkg: dnsutils + dsa: + private_key: '-----BEGIN DSA PRIVATE KEY----- - NOT_DEFINED + NOT_DEFINED - -----END DSA PRIVATE KEY----- -' - public_key: 'ssh-dss NOT_DEFINED -' - ecdsa: - private_key: '-----BEGIN EC PRIVATE KEY----- + -----END DSA PRIVATE KEY----- + ' + public_key: 'ssh-dss NOT_DEFINED + ' + ecdsa: + private_key: '-----BEGIN EC PRIVATE KEY----- - NOT_DEFINED + NOT_DEFINED - -----END EC PRIVATE KEY----- -' - public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED -' - ed25519: - private_key: '-----BEGIN OPENSSH PRIVATE KEY----- + -----END EC PRIVATE KEY----- + ' + public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED + ' + ed25519: + private_key: '-----BEGIN OPENSSH PRIVATE KEY----- - NOT_DEFINED + NOT_DEFINED - -----END OPENSSH PRIVATE KEY----- -' - public_key: 'ssh-ed25519 NOT_DEFINED -' - enforce_rsa_size: false - generate_dsa_keys: false - generate_ecdsa_keys: false - generate_ed25519_keys: false - generate_rsa_keys: false - generate_rsa_size: 4096 - host_key_algos: ecdsa,ed25519,rsa - known_hosts: - aliases: - - cname-to-minion.example.org - - alias.example.org - hostnames: false - include_localhost: false - mine_hostname_function: public_ssh_hostname - mine_keys_function: public_ssh_host_keys - omit_ip_address: - - github.com - salt_ssh: - public_ssh_host_keys: - minion.id: 'ssh-rsa [...] + -----END OPENSSH PRIVATE KEY----- + ' + public_key: 'ssh-ed25519 NOT_DEFINED + ' + enforce_rsa_size: false + generate_dsa_keys: false + generate_ecdsa_keys: false + generate_ed25519_keys: false + generate_rsa_keys: false + generate_rsa_size: 4096 + host_key_algos: ecdsa,ed25519,rsa + known_hosts: + aliases: + - cname-to-minion.example.org + - alias.example.org + hostnames: false + include_localhost: false + mine_hostname_function: public_ssh_hostname + mine_keys_function: public_ssh_host_keys + omit_ip_address: + - github.com + salt_ssh: + public_ssh_host_keys: + minion.id: 'ssh-rsa [...] - ssh-ed25519 [...] -' - public_ssh_host_names: - minion.id: - - minion.id - - alias.of.minion.id - user: salt-master - static: - github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...] - gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...] - target: '*' - tgt_type: glob - moduli: '# Time Type Tests Tries Size Generator Modulus + ssh-ed25519 [...] + ' + public_ssh_host_names: + minion.id: + - minion.id + - alias.of.minion.id + user: salt-master + static: + github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...] + gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...] + target: '*' + tgt_type: glob + moduli: '# Time Type Tests Tries Size Generator Modulus - 20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63 + 20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63 - 20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB + 20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB - 20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53 + 20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53 - 20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F -' - provide_dsa_keys: false - provide_ecdsa_keys: false - provide_ed25519_keys: false - provide_rsa_keys: false - root_group: root - rsa: - private_key: '-----BEGIN RSA PRIVATE KEY----- + 20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F + ' + provide_dsa_keys: false + provide_ecdsa_keys: false + provide_ed25519_keys: false + provide_rsa_keys: false + root_group: root + rsa: + private_key: '-----BEGIN RSA PRIVATE KEY----- - NOT_DEFINED + NOT_DEFINED - -----END RSA PRIVATE KEY----- -' - public_key: 'ssh-rsa NOT_DEFINED -' - server: openssh-server - server_version: latest - service: ssh - ssh_config: /etc/ssh/ssh_config - ssh_config_backup: true - ssh_config_group: root - ssh_config_mode: '644' - ssh_config_src: ssh_config - ssh_config_user: root - ssh_known_hosts: /etc/ssh/ssh_known_hosts - ssh_known_hosts_src: ssh_known_hosts - ssh_moduli: /etc/ssh/moduli - sshd_binary: /usr/sbin/sshd - sshd_config: /etc/ssh/sshd_config - sshd_config_backup: true - sshd_config_group: root - sshd_config_mode: '644' - sshd_config_src: sshd_config - sshd_config_user: root - sshd_enable: true - tofs: - source_files: - manage ssh_known_hosts file: - - alt_ssh_known_hosts - ssh_config: - - alt_ssh_config - sshd_banner: - - fire_banner - sshd_config: - - alt_sshd_config -ssh_config: - Hosts: - '*': - GSSAPIAuthentication: 'yes' - HashKnownHosts: 'yes' - SendEnv: LANG LC_* -sshd_config: - AcceptEnv: LANG LC_* - ChallengeResponseAuthentication: 'no' - PrintMotd: 'no' - Subsystem: sftp /usr/lib/openssh/sftp-server - UsePAM: 'yes' - X11Forwarding: 'yes' + -----END RSA PRIVATE KEY----- + ' + public_key: 'ssh-rsa NOT_DEFINED + ' + server: openssh-server + server_version: latest + service: ssh + ssh_config: /etc/ssh/ssh_config + ssh_config_backup: true + ssh_config_group: root + ssh_config_mode: '644' + ssh_config_src: ssh_config + ssh_config_user: root + ssh_known_hosts: /etc/ssh/ssh_known_hosts + ssh_known_hosts_src: ssh_known_hosts + ssh_moduli: /etc/ssh/moduli + sshd_binary: /usr/sbin/sshd + sshd_config: /etc/ssh/sshd_config + sshd_config_backup: true + sshd_config_group: root + sshd_config_mode: '644' + sshd_config_src: sshd_config + sshd_config_user: root + sshd_enable: true + tofs: + source_files: + manage ssh_known_hosts file: + - alt_ssh_known_hosts + ssh_config: + - alt_ssh_config + sshd_banner: + - fire_banner + sshd_config: + - alt_sshd_config + ssh_config: + Hosts: + '*': + GSSAPIAuthentication: 'yes' + HashKnownHosts: 'yes' + SendEnv: LANG LC_* + sshd_config: + AcceptEnv: LANG LC_* + ChallengeResponseAuthentication: 'no' + PrintMotd: 'no' + Subsystem: sftp /usr/lib/openssh/sftp-server + UsePAM: 'yes' + X11Forwarding: 'yes' diff --git a/test/integration/default/files/_mapdata/ubuntu-18.yaml b/test/integration/default/files/_mapdata/ubuntu-18.yaml index 2b00d0f..9330166 100644 --- a/test/integration/default/files/_mapdata/ubuntu-18.yaml +++ b/test/integration/default/files/_mapdata/ubuntu-18.yaml @@ -1,176 +1,177 @@ # yamllint disable rule:indentation rule:line-length # Ubuntu-18.04 --- -map_jinja: - config_get_roots: - - openssh - - sshd_config - - ssh_config -openssh: - absent_dsa_keys: false - absent_ecdsa_keys: false - absent_ed25519_keys: false - absent_rsa_keys: false - auth: - joe-non-valid-ssh-key: - - comment: obsolete key - removed - enc: ssh-rsa - present: false - source: salt://ssh_keys/joe.no-valid.pub - user: joe - joe-valid-ssh-key-desktop: - - comment: main key - desktop - enc: ssh-rsa - present: true - source: salt://ssh_keys/joe.desktop.pub - user: joe - joe-valid-ssh-key-notebook: - - comment: main key - notebook - enc: ssh-rsa - present: true - source: salt://ssh_keys/joe.netbook.pub - user: joe - auth_map: - personal_keys: - source: salt://ssh_keys - users: - joe: - joe.desktop: {} - joe.netbook: - options: [] - joe.no-valid: - present: false - banner: /etc/ssh/banner - banner_src: banner - banner_string: 'Welcome to example.net! -' - client: openssh-client - client_version: latest - dig_pkg: dnsutils - dsa: - private_key: '-----BEGIN DSA PRIVATE KEY----- +values: + map_jinja: + config_get_roots: + - openssh + - sshd_config + - ssh_config + openssh: + absent_dsa_keys: false + absent_ecdsa_keys: false + absent_ed25519_keys: false + absent_rsa_keys: false + auth: + joe-non-valid-ssh-key: + - comment: obsolete key - removed + enc: ssh-rsa + present: false + source: salt://ssh_keys/joe.no-valid.pub + user: joe + joe-valid-ssh-key-desktop: + - comment: main key - desktop + enc: ssh-rsa + present: true + source: salt://ssh_keys/joe.desktop.pub + user: joe + joe-valid-ssh-key-notebook: + - comment: main key - notebook + enc: ssh-rsa + present: true + source: salt://ssh_keys/joe.netbook.pub + user: joe + auth_map: + personal_keys: + source: salt://ssh_keys + users: + joe: + joe.desktop: {} + joe.netbook: + options: [] + joe.no-valid: + present: false + banner: /etc/ssh/banner + banner_src: banner + banner_string: 'Welcome to example.net! + ' + client: openssh-client + client_version: latest + dig_pkg: dnsutils + dsa: + private_key: '-----BEGIN DSA PRIVATE KEY----- - NOT_DEFINED + NOT_DEFINED - -----END DSA PRIVATE KEY----- -' - public_key: 'ssh-dss NOT_DEFINED -' - ecdsa: - private_key: '-----BEGIN EC PRIVATE KEY----- + -----END DSA PRIVATE KEY----- + ' + public_key: 'ssh-dss NOT_DEFINED + ' + ecdsa: + private_key: '-----BEGIN EC PRIVATE KEY----- - NOT_DEFINED + NOT_DEFINED - -----END EC PRIVATE KEY----- -' - public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED -' - ed25519: - private_key: '-----BEGIN OPENSSH PRIVATE KEY----- + -----END EC PRIVATE KEY----- + ' + public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED + ' + ed25519: + private_key: '-----BEGIN OPENSSH PRIVATE KEY----- - NOT_DEFINED + NOT_DEFINED - -----END OPENSSH PRIVATE KEY----- -' - public_key: 'ssh-ed25519 NOT_DEFINED -' - enforce_rsa_size: false - generate_dsa_keys: false - generate_ecdsa_keys: false - generate_ed25519_keys: false - generate_rsa_keys: false - generate_rsa_size: 4096 - host_key_algos: ecdsa,ed25519,rsa - known_hosts: - aliases: - - cname-to-minion.example.org - - alias.example.org - hostnames: false - include_localhost: false - mine_hostname_function: public_ssh_hostname - mine_keys_function: public_ssh_host_keys - omit_ip_address: - - github.com - salt_ssh: - public_ssh_host_keys: - minion.id: 'ssh-rsa [...] + -----END OPENSSH PRIVATE KEY----- + ' + public_key: 'ssh-ed25519 NOT_DEFINED + ' + enforce_rsa_size: false + generate_dsa_keys: false + generate_ecdsa_keys: false + generate_ed25519_keys: false + generate_rsa_keys: false + generate_rsa_size: 4096 + host_key_algos: ecdsa,ed25519,rsa + known_hosts: + aliases: + - cname-to-minion.example.org + - alias.example.org + hostnames: false + include_localhost: false + mine_hostname_function: public_ssh_hostname + mine_keys_function: public_ssh_host_keys + omit_ip_address: + - github.com + salt_ssh: + public_ssh_host_keys: + minion.id: 'ssh-rsa [...] - ssh-ed25519 [...] -' - public_ssh_host_names: - minion.id: - - minion.id - - alias.of.minion.id - user: salt-master - static: - github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...] - gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...] - target: '*' - tgt_type: glob - moduli: '# Time Type Tests Tries Size Generator Modulus + ssh-ed25519 [...] + ' + public_ssh_host_names: + minion.id: + - minion.id + - alias.of.minion.id + user: salt-master + static: + github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...] + gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...] + target: '*' + tgt_type: glob + moduli: '# Time Type Tests Tries Size Generator Modulus - 20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63 + 20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63 - 20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB + 20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB - 20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53 + 20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53 - 20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F -' - provide_dsa_keys: false - provide_ecdsa_keys: false - provide_ed25519_keys: false - provide_rsa_keys: false - root_group: root - rsa: - private_key: '-----BEGIN RSA PRIVATE KEY----- + 20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F + ' + provide_dsa_keys: false + provide_ecdsa_keys: false + provide_ed25519_keys: false + provide_rsa_keys: false + root_group: root + rsa: + private_key: '-----BEGIN RSA PRIVATE KEY----- - NOT_DEFINED + NOT_DEFINED - -----END RSA PRIVATE KEY----- -' - public_key: 'ssh-rsa NOT_DEFINED -' - server: openssh-server - server_version: latest - service: ssh - ssh_config: /etc/ssh/ssh_config - ssh_config_backup: true - ssh_config_group: root - ssh_config_mode: '644' - ssh_config_src: ssh_config - ssh_config_user: root - ssh_known_hosts: /etc/ssh/ssh_known_hosts - ssh_known_hosts_src: ssh_known_hosts - ssh_moduli: /etc/ssh/moduli - sshd_binary: /usr/sbin/sshd - sshd_config: /etc/ssh/sshd_config - sshd_config_backup: true - sshd_config_group: root - sshd_config_mode: '644' - sshd_config_src: sshd_config - sshd_config_user: root - sshd_enable: true - tofs: - source_files: - manage ssh_known_hosts file: - - alt_ssh_known_hosts - ssh_config: - - alt_ssh_config - sshd_banner: - - fire_banner - sshd_config: - - alt_sshd_config -ssh_config: - Hosts: - '*': - GSSAPIAuthentication: 'yes' - HashKnownHosts: 'yes' - SendEnv: LANG LC_* -sshd_config: - AcceptEnv: LANG LC_* - ChallengeResponseAuthentication: 'no' - PrintMotd: 'no' - Subsystem: sftp /usr/lib/openssh/sftp-server - UsePAM: 'yes' - X11Forwarding: 'yes' + -----END RSA PRIVATE KEY----- + ' + public_key: 'ssh-rsa NOT_DEFINED + ' + server: openssh-server + server_version: latest + service: ssh + ssh_config: /etc/ssh/ssh_config + ssh_config_backup: true + ssh_config_group: root + ssh_config_mode: '644' + ssh_config_src: ssh_config + ssh_config_user: root + ssh_known_hosts: /etc/ssh/ssh_known_hosts + ssh_known_hosts_src: ssh_known_hosts + ssh_moduli: /etc/ssh/moduli + sshd_binary: /usr/sbin/sshd + sshd_config: /etc/ssh/sshd_config + sshd_config_backup: true + sshd_config_group: root + sshd_config_mode: '644' + sshd_config_src: sshd_config + sshd_config_user: root + sshd_enable: true + tofs: + source_files: + manage ssh_known_hosts file: + - alt_ssh_known_hosts + ssh_config: + - alt_ssh_config + sshd_banner: + - fire_banner + sshd_config: + - alt_sshd_config + ssh_config: + Hosts: + '*': + GSSAPIAuthentication: 'yes' + HashKnownHosts: 'yes' + SendEnv: LANG LC_* + sshd_config: + AcceptEnv: LANG LC_* + ChallengeResponseAuthentication: 'no' + PrintMotd: 'no' + Subsystem: sftp /usr/lib/openssh/sftp-server + UsePAM: 'yes' + X11Forwarding: 'yes' diff --git a/test/integration/default/files/_mapdata/ubuntu-20.yaml b/test/integration/default/files/_mapdata/ubuntu-20.yaml index 8d2d7d0..948b878 100644 --- a/test/integration/default/files/_mapdata/ubuntu-20.yaml +++ b/test/integration/default/files/_mapdata/ubuntu-20.yaml @@ -1,176 +1,177 @@ # yamllint disable rule:indentation rule:line-length # Ubuntu-20.04 --- -map_jinja: - config_get_roots: - - openssh - - sshd_config - - ssh_config -openssh: - absent_dsa_keys: false - absent_ecdsa_keys: false - absent_ed25519_keys: false - absent_rsa_keys: false - auth: - joe-non-valid-ssh-key: - - comment: obsolete key - removed - enc: ssh-rsa - present: false - source: salt://ssh_keys/joe.no-valid.pub - user: joe - joe-valid-ssh-key-desktop: - - comment: main key - desktop - enc: ssh-rsa - present: true - source: salt://ssh_keys/joe.desktop.pub - user: joe - joe-valid-ssh-key-notebook: - - comment: main key - notebook - enc: ssh-rsa - present: true - source: salt://ssh_keys/joe.netbook.pub - user: joe - auth_map: - personal_keys: - source: salt://ssh_keys - users: - joe: - joe.desktop: {} - joe.netbook: - options: [] - joe.no-valid: - present: false - banner: /etc/ssh/banner - banner_src: banner - banner_string: 'Welcome to example.net! -' - client: openssh-client - client_version: latest - dig_pkg: dnsutils - dsa: - private_key: '-----BEGIN DSA PRIVATE KEY----- +values: + map_jinja: + config_get_roots: + - openssh + - sshd_config + - ssh_config + openssh: + absent_dsa_keys: false + absent_ecdsa_keys: false + absent_ed25519_keys: false + absent_rsa_keys: false + auth: + joe-non-valid-ssh-key: + - comment: obsolete key - removed + enc: ssh-rsa + present: false + source: salt://ssh_keys/joe.no-valid.pub + user: joe + joe-valid-ssh-key-desktop: + - comment: main key - desktop + enc: ssh-rsa + present: true + source: salt://ssh_keys/joe.desktop.pub + user: joe + joe-valid-ssh-key-notebook: + - comment: main key - notebook + enc: ssh-rsa + present: true + source: salt://ssh_keys/joe.netbook.pub + user: joe + auth_map: + personal_keys: + source: salt://ssh_keys + users: + joe: + joe.desktop: {} + joe.netbook: + options: [] + joe.no-valid: + present: false + banner: /etc/ssh/banner + banner_src: banner + banner_string: 'Welcome to example.net! + ' + client: openssh-client + client_version: latest + dig_pkg: dnsutils + dsa: + private_key: '-----BEGIN DSA PRIVATE KEY----- - NOT_DEFINED + NOT_DEFINED - -----END DSA PRIVATE KEY----- -' - public_key: 'ssh-dss NOT_DEFINED -' - ecdsa: - private_key: '-----BEGIN EC PRIVATE KEY----- + -----END DSA PRIVATE KEY----- + ' + public_key: 'ssh-dss NOT_DEFINED + ' + ecdsa: + private_key: '-----BEGIN EC PRIVATE KEY----- - NOT_DEFINED + NOT_DEFINED - -----END EC PRIVATE KEY----- -' - public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED -' - ed25519: - private_key: '-----BEGIN OPENSSH PRIVATE KEY----- + -----END EC PRIVATE KEY----- + ' + public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED + ' + ed25519: + private_key: '-----BEGIN OPENSSH PRIVATE KEY----- - NOT_DEFINED + NOT_DEFINED - -----END OPENSSH PRIVATE KEY----- -' - public_key: 'ssh-ed25519 NOT_DEFINED -' - enforce_rsa_size: false - generate_dsa_keys: false - generate_ecdsa_keys: false - generate_ed25519_keys: false - generate_rsa_keys: false - generate_rsa_size: 4096 - host_key_algos: ecdsa,ed25519,rsa - known_hosts: - aliases: - - cname-to-minion.example.org - - alias.example.org - hostnames: false - include_localhost: false - mine_hostname_function: public_ssh_hostname - mine_keys_function: public_ssh_host_keys - omit_ip_address: - - github.com - salt_ssh: - public_ssh_host_keys: - minion.id: 'ssh-rsa [...] + -----END OPENSSH PRIVATE KEY----- + ' + public_key: 'ssh-ed25519 NOT_DEFINED + ' + enforce_rsa_size: false + generate_dsa_keys: false + generate_ecdsa_keys: false + generate_ed25519_keys: false + generate_rsa_keys: false + generate_rsa_size: 4096 + host_key_algos: ecdsa,ed25519,rsa + known_hosts: + aliases: + - cname-to-minion.example.org + - alias.example.org + hostnames: false + include_localhost: false + mine_hostname_function: public_ssh_hostname + mine_keys_function: public_ssh_host_keys + omit_ip_address: + - github.com + salt_ssh: + public_ssh_host_keys: + minion.id: 'ssh-rsa [...] - ssh-ed25519 [...] -' - public_ssh_host_names: - minion.id: - - minion.id - - alias.of.minion.id - user: salt-master - static: - github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...] - gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...] - target: '*' - tgt_type: glob - moduli: '# Time Type Tests Tries Size Generator Modulus + ssh-ed25519 [...] + ' + public_ssh_host_names: + minion.id: + - minion.id + - alias.of.minion.id + user: salt-master + static: + github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...] + gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...] + target: '*' + tgt_type: glob + moduli: '# Time Type Tests Tries Size Generator Modulus - 20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63 + 20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63 - 20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB + 20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB - 20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53 + 20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53 - 20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F -' - provide_dsa_keys: false - provide_ecdsa_keys: false - provide_ed25519_keys: false - provide_rsa_keys: false - root_group: root - rsa: - private_key: '-----BEGIN RSA PRIVATE KEY----- + 20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F + ' + provide_dsa_keys: false + provide_ecdsa_keys: false + provide_ed25519_keys: false + provide_rsa_keys: false + root_group: root + rsa: + private_key: '-----BEGIN RSA PRIVATE KEY----- - NOT_DEFINED + NOT_DEFINED - -----END RSA PRIVATE KEY----- -' - public_key: 'ssh-rsa NOT_DEFINED -' - server: openssh-server - server_version: latest - service: ssh - ssh_config: /etc/ssh/ssh_config - ssh_config_backup: true - ssh_config_group: root - ssh_config_mode: '644' - ssh_config_src: ssh_config - ssh_config_user: root - ssh_known_hosts: /etc/ssh/ssh_known_hosts - ssh_known_hosts_src: ssh_known_hosts - ssh_moduli: /etc/ssh/moduli - sshd_binary: /usr/sbin/sshd - sshd_config: /etc/ssh/sshd_config - sshd_config_backup: true - sshd_config_group: root - sshd_config_mode: '644' - sshd_config_src: sshd_config - sshd_config_user: root - sshd_enable: true - tofs: - source_files: - manage ssh_known_hosts file: - - alt_ssh_known_hosts - ssh_config: - - alt_ssh_config - sshd_banner: - - fire_banner - sshd_config: - - alt_sshd_config -ssh_config: - Hosts: - '*': - GSSAPIAuthentication: 'yes' - HashKnownHosts: 'yes' - SendEnv: LANG LC_* -sshd_config: - AcceptEnv: LANG LC_* - ChallengeResponseAuthentication: 'no' - PrintMotd: 'no' - Subsystem: sftp /usr/lib/openssh/sftp-server - UsePAM: 'yes' - X11Forwarding: 'yes' + -----END RSA PRIVATE KEY----- + ' + public_key: 'ssh-rsa NOT_DEFINED + ' + server: openssh-server + server_version: latest + service: ssh + ssh_config: /etc/ssh/ssh_config + ssh_config_backup: true + ssh_config_group: root + ssh_config_mode: '644' + ssh_config_src: ssh_config + ssh_config_user: root + ssh_known_hosts: /etc/ssh/ssh_known_hosts + ssh_known_hosts_src: ssh_known_hosts + ssh_moduli: /etc/ssh/moduli + sshd_binary: /usr/sbin/sshd + sshd_config: /etc/ssh/sshd_config + sshd_config_backup: true + sshd_config_group: root + sshd_config_mode: '644' + sshd_config_src: sshd_config + sshd_config_user: root + sshd_enable: true + tofs: + source_files: + manage ssh_known_hosts file: + - alt_ssh_known_hosts + ssh_config: + - alt_ssh_config + sshd_banner: + - fire_banner + sshd_config: + - alt_sshd_config + ssh_config: + Hosts: + '*': + GSSAPIAuthentication: 'yes' + HashKnownHosts: 'yes' + SendEnv: LANG LC_* + sshd_config: + AcceptEnv: LANG LC_* + ChallengeResponseAuthentication: 'no' + PrintMotd: 'no' + Subsystem: sftp /usr/lib/openssh/sftp-server + UsePAM: 'yes' + X11Forwarding: 'yes'