saltstack-formulas/openssh-formula
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

removed deprecated options (#150)

Browse Source
This commit is contained in:
alxwr 2019-02-12 21:25:41 +01:00 committed by Niels Abspoel
parent cf3b048230
commit d9653889fa
2 changed files with 0 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
openssh/files/sshd_config
View File

@ -90,10 +90,6 @@
{#- Privilege Separation is turned on for security -#} {#- Privilege Separation is turned on for security -#}
{{- option('UsePrivilegeSeparation') -}} {{- option('UsePrivilegeSeparation') -}}
{#- Lifetime and size of ephemeral version 1 server key -#}
{{- option('KeyRegenerationInterval') -}}
{{- option('ServerKeyBits') -}}
{#- Logging -#} {#- Logging -#}
{{- option('SyslogFacility') -}} {{- option('SyslogFacility') -}}
{{- option('LogLevel') -}} {{- option('LogLevel') -}}
@ -109,8 +105,6 @@
{{- option('MaxAuthTries') -}} {{- option('MaxAuthTries') -}}
{{- option('MaxSessions') -}} {{- option('MaxSessions') -}}
{{- option('DSAAuthentication') -}}
{{- option('RSAAuthentication') -}}
{{- option('PubkeyAuthentication') -}} {{- option('PubkeyAuthentication') -}}
{{- option('AuthorizedKeysFile') -}} {{- option('AuthorizedKeysFile') -}}
{{- option('AuthorizedKeysCommand') -}} {{- option('AuthorizedKeysCommand') -}}
@ -118,8 +112,6 @@
{#- Don't read the user's ~/.rhosts and ~/.shosts files -#} {#- Don't read the user's ~/.rhosts and ~/.shosts files -#}
{{- option('IgnoreRhosts') -}} {{- option('IgnoreRhosts') -}}
{#- For this to work you will also need host keys in /etc/ssh_known_hosts -#}
{{- option('RhostsRSAAuthentication') -}}
{#- similar for protocol version 2 -#} {#- similar for protocol version 2 -#}
{{- option('HostbasedAuthentication') -}} {{- option('HostbasedAuthentication') -}}
{#- Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication -#} {#- Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication -#}

4
pillar.example
View File

@ -12,8 +12,6 @@ sshd_config:
- /etc/ssh/ssh_host_ecdsa_key - /etc/ssh/ssh_host_ecdsa_key
- /etc/ssh/ssh_host_ed25519_key - /etc/ssh/ssh_host_ed25519_key
UsePrivilegeSeparation: 'sandbox' UsePrivilegeSeparation: 'sandbox'
KeyRegenerationInterval: 3600
ServerKeyBits: 1024
SyslogFacility: AUTH SyslogFacility: AUTH
LogLevel: INFO LogLevel: INFO
ClientAliveInterval: 0 ClientAliveInterval: 0
@ -24,12 +22,10 @@ sshd_config:
StrictModes: 'yes' StrictModes: 'yes'
MaxAuthTries: 6 MaxAuthTries: 6
MaxSessions: 10 MaxSessions: 10
RSAAuthentication: 'yes'
PubkeyAuthentication: 'yes' PubkeyAuthentication: 'yes'
AuthorizedKeysCommand: '/usr/bin/sss_ssh_authorizedkeys' AuthorizedKeysCommand: '/usr/bin/sss_ssh_authorizedkeys'
AuthorizedKeysCommandUser: 'nobody' AuthorizedKeysCommandUser: 'nobody'
IgnoreRhosts: 'yes' IgnoreRhosts: 'yes'
RhostsRSAAuthentication: 'no'
HostbasedAuthentication: 'no' HostbasedAuthentication: 'no'
PermitEmptyPasswords: 'no' PermitEmptyPasswords: 'no'
ChallengeResponseAuthentication: 'no' ChallengeResponseAuthentication: 'no'