saltstack-formulas/openssh-formula
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #107 from saltstack-formulas/UsePrivilegeSeparation

Browse Source 
UsePrivilegeSeparation 'sandbox'
This commit is contained in:
Niels Abspoel 2017-08-01 09:23:56 +02:00 committed by GitHub
commit 9b7fc59a35
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
openssh/files/sshd_config
View File

@ -103,7 +103,7 @@
{{ option_default_uncommented('HostKey', ['/etc/ssh/ssh_host_rsa_key', '/etc/ssh/ssh_host_dsa_key', '/etc/ssh/ssh_host_ecdsa_key', '/etc/ssh/ssh_host_ed25519_key']) -}}
#Privilege Separation is turned on for security
{{ option_default_uncommented('UsePrivilegeSeparation', 'yes') }}
{{ option_default_uncommented('UsePrivilegeSeparation', 'sandbox') }}
# Lifetime and size of ephemeral version 1 server key
{{ option_default_uncommented('KeyRegenerationInterval', 3600) }}

2
pillar.example
View File

@ -11,7 +11,7 @@ sshd_config:
- /etc/ssh/ssh_host_dsa_key
- /etc/ssh/ssh_host_ecdsa_key
- /etc/ssh/ssh_host_ed25519_key
UsePrivilegeSeparation: 'yes'
UsePrivilegeSeparation: 'sandbox'
KeyRegenerationInterval: 3600
ServerKeyBits: 1024
SyslogFacility: AUTH