openssh-formula

Author	SHA1	Message	Date
chenmen	463ad69d92	reuse sshd_config from map (#160 ) remove duplicated 'pillar.get' calls to retrieve the sshd_config and ssh_config pillars.	2019-04-27 09:13:48 +02:00
alxwr	b5ac5e0b74	Merge pull request #152 from polymeter/remove_by_source Allow removing keys based on source file.	2019-04-09 21:02:44 +02:00
Robin Elfrink	c3c2472562	Fix fetching default ssh_config. Closes #153.	2019-02-27 14:10:02 +01:00
Manuel Webersen	29f7d71426	Allow removing keys based on source file.	2019-02-26 13:36:55 +01:00
Imran Iqbal	3715cd601c	Merge pull request #151 from alxwr/issue-98 CentOS does not support ed25519; fixes #98	2019-02-18 20:49:38 +00:00
alxwr	3f9876fc40	ssh_config: properly render host options (#149 ) * ssh_config: properly render host options (fixes #145) * ssh_config: whitespace optimization (fixes #145)	2019-02-12 21:31:49 +01:00
alxwr	d9653889fa	removed deprecated options (#150 )	2019-02-12 21:25:41 +01:00
Alexander Weidinger	29b89f0fb9	map.jinja: replace defaults.merge with grains.filter_by	2019-02-12 19:11:46 +01:00
Alexander Weidinger	0c6a353969	Fix map.jinja: openssh:lookup is not used anyways	2019-02-12 19:02:57 +01:00
Alexander Weidinger	f53ccccd3f	CentOS does not support ed25519; fixes #98	2019-02-12 14:55:15 +01:00
Alexander Weidinger	4b84dead8e	Made host key algos configurable; dropped DSA	2019-02-12 14:55:15 +01:00
Alexander Weidinger	54dde36e53	split map.jinja according to template-formula	2019-02-12 14:55:15 +01:00
Peter Hudec	ea755686e3	updated openssh/config.sls	2018-10-10 14:06:14 +02:00
Peter Hudec	0232f5cbbc	updated openssh/defaults.yaml	2018-10-10 14:05:26 +02:00
Jasper Lievisse Adriaanse	9845b1fddc	Add support for Solaris; tested on SmartOS instance zone (#137 )	2018-09-28 20:39:31 +02:00
N	131910d0ca	Merge pull request #136 from Perceptyx/master Added Debian sftp subystem	2018-09-12 01:55:18 +01:00
reschl	ffafd2a2f5	Support package versions (#134 ) added possibility to configure server version and client version with pillar example	2018-09-03 16:42:39 +02:00
tmeneau	63ad14efb1	Fix invalid require_in sshd_config for key states Change the require_ins used by the key management states in the config.sls to be conditional based on whether the sshd_config is managed by the formula Fixes #130	2018-08-03 08:35:42 -04:00
alxwr	aa3da8f2c2	Pillar openssh.known_hosts_salt_ssh (#128 ) * Pillar openssh.known_hosts_salt_ssh * Dropped ill-named file * Fixed aliasing of host names * Improved pillar.example * Opt-in to include localhost * pillar/known_hosts_salt_ssh: clear cache in run() * Dropped forgotten debugging output	2018-06-01 14:11:52 +02:00
Florian Ermisch	45763f54aa	Add host keys from pillar[openssh:known_hosts:static] to `ssh_known_hosts`	2018-04-26 16:56:18 +02:00
Felipe Zipitría	6fbef86827	Add sftp subsystem debian (#3 ) * Add map for debian	2018-04-25 17:48:47 -03:00
Niels Abspoel	b93448b5e6	Merge pull request #124 from arthurlogilab/123-add-ini-version-of-config [openssh/config_ini] initial version of config_ini which uses ini state	2018-03-17 21:35:30 +01:00
Niels Abspoel	af9721a0f5	fix iteritems for python3	2018-03-10 16:35:57 +01:00
Raphaël Hertzog	6ccb9fc87d	Replace deprecated "user" attribute by "runas"	2018-02-16 12:11:54 +01:00
Arthur Lutz	dcb70e5181	[openssh/config_ini] initial version of config_ini which uses ini state closes #123	2018-02-15 17:43:13 +01:00
alxwr	73727bc218	Merge pull request #118 from Perceptyx/master [FIX] When key is present override generating by any way	2017-12-29 04:02:08 +01:00
Mario Fritschen	e665450ed4	Changed expr_form to tgt_type for deprecation reasons. (#122 )	2017-12-23 00:11:24 +01:00
alxwr	5e3368afcb	drop default values (fixes #102 ) (#117 ) * drop default values (fixes #102) * hmac-ripemd160 was dropped in 7.6	2017-10-23 20:18:11 +02:00
Andres Montalban	26f2fc8e97	[FIX] When key is present override generating by any way	2017-10-15 17:55:44 -03:00
Niels Abspoel	9cdb9aaba0	improve allow_deny_users_groups	2017-08-21 23:35:04 +02:00
alxwr	178692f92e	Merge pull request #113 from brianholland99/master Add ConfigBanner to processed_options when handled.	2017-08-18 05:03:30 +02:00
Niels Abspoel	d157c0a36e	Merge pull request #111 from saltstack-formulas/hostnames-in-known-hosts Hostnames in known hosts	2017-08-16 14:29:25 +02:00
Brian Holland	6400516c5e	Add ConfigBanner to processed_options when handled. This prevents a verbatim version being added to end of file that will cause the parsing to fail.	2017-08-15 23:08:23 -04:00
Tibold Kandrai	83e60fd840	Fixed supporting multiline banner_string defined in the pillar.	2017-08-10 15:45:05 +02:00
Alexander Weidinger	e523ae5281	Optionally add hostnames to known_hosts	2017-08-08 07:51:38 +02:00
Alexander Weidinger	75e582a7bc	New macro: known_hosts_entry; added comments	2017-08-08 07:16:23 +02:00
Alexander Weidinger	f4cf9aa22b	CentOS 6: UsePrivilegeSeparation 'yes' (fixes #108 )	2017-08-01 14:50:08 +02:00
Alexander Weidinger	a5f4a56956	UsePrivilegeSeparation 'sandbox' This is was introduced in 5.9, and is default in 6.1. https://www.openssh.com/txt/release-5.9 https://www.openssh.com/txt/release-6.1	2017-08-01 00:02:03 +02:00
Alexander Weidinger	7afea021c6	Fixed key generation - generate before running check_mk on the sshd_config - set permissions on private key - cope with empty keys	2017-07-31 23:35:18 +02:00
Andres Montalban	c7a97ae72f	Create needed directory for UsePrivilegeSeparation option	2017-07-28 10:17:16 -03:00
Andres Montalban	500c915c33	Allow to config banner in pillar	2017-07-27 19:55:34 -03:00
Andres Montalban	467c5e56fc	Remove extra whitespace	2017-07-27 19:06:27 -03:00
Alexander Weidinger	c71f2ae4fa	minor fix: use keyFile in config.sls	2017-07-04 22:47:02 +02:00
Alexander Weidinger	e44d8860f4	Sort Match options	2017-07-04 22:30:49 +02:00
Alexander Weidinger	f810b27211	Merge branch 'prioritized-compound-match-2' of git://github.com/mikemol/openssh-formula	2017-07-04 21:58:05 +02:00
Florian Ermisch	add969822c	add optional `{{source}} to sshd_config	2017-07-04 21:38:21 +02:00
Florian Ermisch	8594cd90ba	add optional `{{source}} to ssh_config	2017-07-04 21:38:21 +02:00
Michael Mol	6229a6d122	Stabily sort matches OpenSSH's Match declarations are applied first-match-wins. However, we can't safely define two Matches that might overlap unless we first sort the keys, as Python (and Jinja) dicts don't guarantee the order of dict keys, We also won't scramble the match sequence every time the user adds, removes or renames a match, and so we give the user clearer, more concise diffs as when they apply changes. Finally, we leave a comment on the Match line identifying where the Match rule came from, to assist in troubleshooting.	2017-06-12 12:08:26 -04:00
Michael Mol	710175799b	Support compound matches Support complex compound matches in Match criteria. For example, be able to match against multiple Users for a given Match, or be able to match against address ranges. Or Groups. Or any combination thereof. Support for matching users can take one of several different appearances in pillar data: sshd_config: matches: match_1: type: User: one_user options: ChrootDirectory: /ex/%u match_2: type: User: - jim - bob - sally options: ChrootDirectory: /ex/%u match_3: type: User: jim: ~ bob: ~ sally: ~ options: ChrootDirectory: /ex/%u Note the syntax of match_3. By using empty dicts for each user, we can leverage Salt's pillar mergine. If we use simple lists, we cannot do this; Salt can't merge simple lists, because it doesn't know what order they ought to be in.	2017-06-12 11:43:46 -04:00
Michael Mol	345e07c85e	Support Match prioritization OpenSSH's Match declarations are applied first-match-wins. However, we can't safely define two Matches that might overlap unless we first sort the keys, as Python (and Jinja) dicts don't guarantee the order of dict keys, We also won't scramble the match sequence every time the user adds, removes or renames a match, and so we give the user clearer, more concise diffs as when they apply changes. Finally, we leave a comment on the Match line identifying where the Match rule came from, to assist in troubleshooting.	2017-06-09 15:51:13 -04:00

1 2 3 4

158 Commits