Commit Graph

265 Commits

Author SHA1 Message Date
Alexander Weidinger
29b89f0fb9 map.jinja: replace defaults.merge with grains.filter_by 2019-02-12 19:11:46 +01:00
Alexander Weidinger
0c6a353969 Fix map.jinja: openssh:lookup is not used anyways 2019-02-12 19:02:57 +01:00
Alexander Weidinger
f53ccccd3f CentOS does not support ed25519; fixes #98 2019-02-12 14:55:15 +01:00
Alexander Weidinger
4b84dead8e Made host key algos configurable; dropped DSA 2019-02-12 14:55:15 +01:00
Alexander Weidinger
54dde36e53 split map.jinja according to template-formula 2019-02-12 14:55:15 +01:00
scub
cf3b048230 Resolve gem dependencies across "supported" environments (#142) 2019-01-24 20:11:48 +01:00
N
2979af9bf5
Merge pull request #138 from hudecof/config_backup_option
Config backup option
2018-10-14 22:28:34 +01:00
Peter Hudec
ea755686e3 updated openssh/config.sls 2018-10-10 14:06:14 +02:00
Peter Hudec
0232f5cbbc updated openssh/defaults.yaml 2018-10-10 14:05:26 +02:00
Jasper Lievisse Adriaanse
9845b1fddc Add support for Solaris; tested on SmartOS instance zone (#137) 2018-09-28 20:39:31 +02:00
N
131910d0ca
Merge pull request #136 from Perceptyx/master
Added Debian sftp subystem
2018-09-12 01:55:18 +01:00
reschl
ffafd2a2f5 Support package versions (#134)
added possibility to configure server version and client version
with pillar example
2018-09-03 16:42:39 +02:00
Philippe Grégoire
7cfc9f5a04 Hint at Host support for ssh_config (#133)
The `ssh_config` state supports generating `Host` sections, but it is
buried in the source. By default, options are simply dumped in the
configuration file; without any `Host` directive.

This patch hints (and, actually, encourages) users to use `Host`
sections by updating the pillar example to use the `Hosts` directive
with the `*` pattern.
2018-08-24 12:14:26 +02:00
Javier Bértoli
6e077f5dbe
Merge pull request #131 from tmeneau/fix-config-require-in-for-keys
Fix invalid require_in sshd_config for key states
2018-08-03 19:09:37 -03:00
tmeneau
63ad14efb1 Fix invalid require_in sshd_config for key states
Change the require_ins used by the key management states in the
config.sls to be conditional based on whether the sshd_config
is managed by the formula

Fixes #130
2018-08-03 08:35:42 -04:00
alxwr
aa3da8f2c2 Pillar openssh.known_hosts_salt_ssh (#128)
* Pillar openssh.known_hosts_salt_ssh

* Dropped ill-named file

* Fixed aliasing of host names

* Improved pillar.example

* Opt-in to include localhost

* pillar/known_hosts_salt_ssh: clear cache in run()

* Dropped forgotten debugging output
2018-06-01 14:11:52 +02:00
alxwr
11366b3c17
Merge pull request #127 from 0xf10e/known_hosts_pillar
Add host keys from pillar to `ssh_known_hosts`
2018-04-27 10:39:31 +02:00
Florian Ermisch
bf9b9a335c Add openssh:known_hosts:static to README and pillar.example 2018-04-26 17:12:29 +02:00
Florian Ermisch
45763f54aa Add host keys from pillar[openssh:known_hosts:static] to ssh_known_hosts 2018-04-26 16:56:18 +02:00
Felipe Zipitría
6fbef86827
Add sftp subsystem debian (#3)
* Add map for debian
2018-04-25 17:48:47 -03:00
Andres Montalban
2a4d07cae1
Merge pull request #2 from Perceptyx/develop
Add latest changes from upstream
2018-04-17 15:28:01 -03:00
Niels Abspoel
b93448b5e6
Merge pull request #124 from arthurlogilab/123-add-ini-version-of-config
[openssh/config_ini] initial version of config_ini which uses ini state
2018-03-17 21:35:30 +01:00
Javier Bértoli
fdc3ca398d
Merge pull request #125 from aboe76/python3_support
fix iteritems for python3
2018-03-10 12:42:18 -03:00
Niels Abspoel
af9721a0f5 fix iteritems for python3 2018-03-10 16:35:57 +01:00
Raphaël Hertzog
6ccb9fc87d Replace deprecated "user" attribute by "runas" 2018-02-16 12:11:54 +01:00
Arthur Lutz
dcb70e5181 [openssh/config_ini] initial version of config_ini which uses ini state
closes #123
2018-02-15 17:43:13 +01:00
alxwr
73727bc218
Merge pull request #118 from Perceptyx/master
[FIX] When key is present override generating by any way
2017-12-29 04:02:08 +01:00
Mario Fritschen
e665450ed4 Changed expr_form to tgt_type for deprecation reasons. (#122) 2017-12-23 00:11:24 +01:00
alxwr
5e3368afcb drop default values (fixes #102) (#117)
* drop default values (fixes #102)
* hmac-ripemd160 was dropped in 7.6
2017-10-23 20:18:11 +02:00
Andres Montalban
26f2fc8e97 [FIX] When key is present override generating by any way 2017-10-15 17:55:44 -03:00
Alexander Weidinger
a2dd72bb3e Merge branch 'aboe76-improve_allowed_users_groups' 2017-08-23 11:26:45 +02:00
Niels Abspoel
9cdb9aaba0 improve allow_deny_users_groups 2017-08-21 23:35:04 +02:00
alxwr
178692f92e Merge pull request #113 from brianholland99/master
Add ConfigBanner to processed_options when handled.
2017-08-18 05:03:30 +02:00
Niels Abspoel
d157c0a36e Merge pull request #111 from saltstack-formulas/hostnames-in-known-hosts
Hostnames in known hosts
2017-08-16 14:29:25 +02:00
Brian Holland
6400516c5e Add ConfigBanner to processed_options when handled.
This prevents a verbatim version being added to end of file that will
cause the parsing to fail.
2017-08-15 23:08:23 -04:00
Niels Abspoel
0eda16c548 Merge pull request #112 from chessclub/multiline-banner-fix
Fixed supporting multiline banner_string defined in the pillar.
2017-08-11 10:30:56 +02:00
Tibold Kandrai
83e60fd840 Fixed supporting multiline banner_string defined in the pillar. 2017-08-10 15:45:05 +02:00
Alexander Weidinger
e523ae5281 Optionally add hostnames to known_hosts 2017-08-08 07:51:38 +02:00
Alexander Weidinger
75e582a7bc New macro: known_hosts_entry; added comments 2017-08-08 07:16:23 +02:00
Niels Abspoel
0924649158 Merge pull request #109 from saltstack-formulas/UsePrivilegeSeparation
CentOS 6: UsePrivilegeSeparation 'yes' (fixes #108)
2017-08-01 21:50:53 +02:00
Alexander Weidinger
f4cf9aa22b CentOS 6: UsePrivilegeSeparation 'yes' (fixes #108) 2017-08-01 14:50:08 +02:00
Niels Abspoel
9b7fc59a35 Merge pull request #107 from saltstack-formulas/UsePrivilegeSeparation
UsePrivilegeSeparation 'sandbox'
2017-08-01 09:23:56 +02:00
Alexander Weidinger
a5f4a56956 UsePrivilegeSeparation 'sandbox'
This is was introduced in 5.9, and is default in 6.1.
https://www.openssh.com/txt/release-5.9
https://www.openssh.com/txt/release-6.1
2017-08-01 00:02:03 +02:00
Niels Abspoel
2171040e11 Merge pull request #106 from saltstack-formulas/fix-keygen
Fixed key generation
2017-07-31 23:45:45 +02:00
Alexander Weidinger
7afea021c6 Fixed key generation
- generate before running check_mk on the sshd_config
- set permissions on private key
- cope with empty keys
2017-07-31 23:35:18 +02:00
alxwr
7cd1faac84 Merge pull request #105 from Perceptyx/master
Create needed directory for UsePrivilegeSeparation option
2017-07-31 22:57:41 +02:00
Andres Montalban
c7a97ae72f Create needed directory for UsePrivilegeSeparation option 2017-07-28 10:17:16 -03:00
Andres Montalban
1a65c5996e Merge remote-tracking branch 'upstream/master' 2017-07-28 10:13:55 -03:00
Niels Abspoel
6dba76fe56 Merge pull request #104 from Perceptyx/banner_fix
Allow to configure SSH banner text in pillar
2017-07-28 10:49:52 +02:00
Andres Montalban
3e7f6f7648 Merge pull request #1 from amontalban/banner_fix
Allow to configure SSH banner text in pillar
2017-07-27 19:57:41 -03:00