POTIER Mathieu
|
f55445211c
|
Specify config clause only if defined in pillar.
Signed-off-by: POTIER Mathieu <mathieu.potier@onzeway.eu>
|
2015-11-18 20:33:50 +01:00 |
|
POTIER Mathieu
|
dda1fb5128
|
Put ssh keys on configured path in sshd_config (AuthorizedKeysFile)
Signed-off-by: POTIER Mathieu <mathieu.potier@onzeway.eu>
|
2015-11-17 11:09:37 +01:00 |
|
Bogdan Radulescu
|
13cf374efe
|
Added configuration options for ssh_config
Made a small change to reflect the default sshd_config
|
2015-10-01 15:21:16 +00:00 |
|
Bogdan Radulescu
|
fd4381b769
|
The default value for ServerKeyBits is 1024 both upstream and in distros
|
2015-07-30 12:27:05 +00:00 |
|
René Jochum
|
c27f9a81f3
|
Use iteritems() instead of items().
Signed-off-by: René Jochum <rene@jochums.at>
|
2015-07-13 16:00:22 +02:00 |
|
René Jochum
|
064d489f41
|
Use iteritems() instead of items().
Signed-off-by: René Jochum <rene@jochums.at>
|
2015-07-13 15:59:44 +02:00 |
|
René Jochum
|
a013b79027
|
Use iteritems() instead of items().
Signed-off-by: René Jochum <rene@jochums.at>
|
2015-07-13 15:56:25 +02:00 |
|
elfixit
|
18ba94d0fc
|
add options to give a key size to generate_key
|
2015-07-12 18:09:26 +02:00 |
|
Ingo Bente
|
a927107b28
|
Adds support to customize /etc/ssh/moduli file
|
2015-07-02 19:09:41 +02:00 |
|
Ingo Bente
|
83bb5ac5a0
|
adds support to harden sshd_config (KeyExchange, Ciphers, MACs)
|
2015-06-30 14:33:57 +02:00 |
|
Thomas Juberg
|
6b68c44583
|
Stop messing up the first line in ssh_known_hosts
|
2015-06-25 14:28:26 +02:00 |
|
Imran Haider
|
4dddff0ccd
|
Fix service name for Arch Linux
|
2015-06-20 14:24:51 -04:00 |
|
Niels Abspoel
|
2a68ccac1a
|
Add option to remove ssh_host_keys
|
2015-06-07 20:37:33 +02:00 |
|
Niels Abspoel
|
ca62b7d118
|
Improve default lookup
Added defaults.yaml and map.jinja similar to template-formula and salt-formula
|
2015-06-02 22:52:59 +02:00 |
|
jvblasco
|
60691ef20d
|
Fix bug that added : at the end of the key
|
2015-05-22 14:32:57 +02:00 |
|
Raphaël Hertzog
|
1b74efd2d0
|
Add a new openssh.known_hosts state
This state manages /etc/ssh/ssh_known_hosts and fills it with
public SSH host keys of other minions.
|
2015-03-26 17:50:32 +01:00 |
|
Marc Schiffbauer
|
c6aeaf4dc5
|
add gentoo support
|
2015-03-23 14:56:12 +01:00 |
|
Marc Schiffbauer
|
28e0916840
|
sort distros alphabetically
|
2015-03-23 14:55:40 +01:00 |
|
Bernd Schlapsi
|
6efc981885
|
Refactor auth.sls to allow more keys for one user
|
2015-01-28 22:17:07 +01:00 |
|
Niels Abspoel
|
33ee945557
|
Added AllowUsers,AllowGroups,DenyUsers,DenyGroups
This will add more options to set to secure openssh
- AllowUsers
- AllowGroups
- DenyUsers
- DenyGroups
|
2015-01-16 22:56:59 +01:00 |
|
Bohdan Kmit
|
b843d8168b
|
add ed25519 host key type; add AuthenticationMethods option
|
2015-01-16 17:21:10 +00:00 |
|
Niels Abspoel
|
5871efb5bd
|
added archlinux support to openssh map.jinja
|
2015-01-01 00:44:17 +01:00 |
|
Franz Pletz
|
5d0f69ad2c
|
Cleanups for host key pillar example
|
2014-12-15 07:00:45 +01:00 |
|
Franz Pletz
|
33f21a0976
|
Add support for ED25519 host keys
|
2014-12-15 07:00:17 +01:00 |
|
Nitin Madhok
|
620cc0f199
|
Update map.jinja
|
2014-12-08 16:01:00 -05:00 |
|
Nitin Madhok
|
131a5cafcb
|
Update map.jinja
|
2014-12-08 15:46:30 -05:00 |
|
Nitin Madhok
|
9263857193
|
Update map.jinja
Correct indentation
|
2014-12-08 15:43:40 -05:00 |
|
Niels Abspoel
|
1efce43d55
|
Added Opensuse support to map.jinja
|
2014-12-08 21:38:23 +01:00 |
|
Skyler Berg
|
a83409182f
|
Fix jinja spacing mistake for unknown options
When specifying multiple unknown ssh options, they would all appear on
the same line.
|
2014-11-18 14:58:57 -08:00 |
|
Tim Jones
|
09ca7de060
|
Allow newline after ListenAddress
|
2014-10-26 20:27:11 +01:00 |
|
Robert Fairburn
|
8616d3d130
|
fix comment
|
2014-09-19 12:01:57 -05:00 |
|
Robert Fairburn
|
b24101264f
|
make sure to match options as the options dict!
|
2014-09-19 11:26:10 -05:00 |
|
Robert Fairburn
|
1a2de43ed7
|
defaults do not need a prefix
|
2014-09-19 11:21:31 -05:00 |
|
Robert Fairburn
|
85c97b450a
|
fix a typo in keywords being sent improperly
|
2014-09-19 11:19:37 -05:00 |
|
Robert Fairburn
|
abf6e09fbb
|
Fix a typo in the match jinja
|
2014-09-19 11:16:58 -05:00 |
|
Robert Fairburn
|
ba72c1e8b7
|
remove prefix when not needed
|
2014-09-19 10:55:19 -05:00 |
|
Robert Fairburn
|
c100fc88a3
|
allow for "Match" inside of an sshd_config
|
2014-09-19 10:47:35 -05:00 |
|
Alan Pearce
|
6fb57f40bc
|
Config: Add support for generating keys
|
2014-08-24 16:09:12 +01:00 |
|
Alan Pearce
|
73eaef4ea0
|
Config: Add support for ECDSA host keys
|
2014-08-24 11:55:38 +01:00 |
|
Alan Pearce
|
ce46343562
|
Config: Refactor host key provisioning into loop
|
2014-08-24 11:55:38 +01:00 |
|
Alan Pearce
|
2876a691b0
|
Remove reference to root group
By not specifying it, root user's group should be used.
|
2014-08-19 21:44:38 +01:00 |
|
Alan Pearce
|
edc208b79b
|
Add FreeBSD compatibility
|
2014-08-08 13:38:27 +01:00 |
|
Wes Turner
|
970777b9bb
|
Add a UseDNS option to sshd_config
|
2014-07-22 00:35:11 -05:00 |
|
Oleg Tsarev
|
48ebd1b07b
|
Changed sshd_config generation to more readable scheme.
Synced file with default from Ubuntu 12.04 latest
|
2014-05-05 19:28:13 +04:00 |
|
Seth House
|
cee3f097f0
|
Merge pull request #12 from z-saltstack/auth-sls-clean-whitespaces
Removed unneeded whitespace from auth.sls
|
2014-04-28 18:03:58 -06:00 |
|
matthew-parlette
|
cdfab3953d
|
Define a line for each option.
This provides a default option (according to the package-provided config file) for each option in the config.
|
2014-04-26 18:22:17 -04:00 |
|
Oleg Tsarev
|
7521398506
|
Removed unneeded whitespace from auth.sls
|
2014-04-26 22:40:29 +02:00 |
|
matthew-parlette
|
2f28a008c2
|
Cleared out static parts of config since it was causing issues
|
2014-04-25 16:33:07 -04:00 |
|
Seth House
|
b44c26cd13
|
Moved the rsa/dsa key management to config.sls
|
2014-03-17 16:17:04 -06:00 |
|
Seth House
|
351a6b81dc
|
Merge remote-tracking branch 'origin/pr/3'
Conflicts:
openssh/files/sshd_config
openssh/init.sls
pillar.example
|
2014-03-17 16:14:17 -06:00 |
|
Carlos Perelló Marín
|
e2cddca13e
|
Reverted the namespace change to avoid conflicts and backward incompatibilities
|
2014-02-09 23:42:52 +01:00 |
|
Carlos Perelló Marín
|
47211d0648
|
Added support to manage ssh certificates
|
2014-02-09 23:38:30 +01:00 |
|
Kenny Do
|
6e418aa945
|
added a state that installs the openssh client
|
2014-01-18 05:00:20 -08:00 |
|
Kenny Do
|
b0c7009cb2
|
updated sshd_config file to be populated by pillar
|
2014-01-09 05:03:44 -08:00 |
|
Kenny Do
|
9f70270643
|
explicitly set the user, group, and mode to match the package's
sshd_config
|
2014-01-09 04:57:00 -08:00 |
|
Kenny Do
|
dc53d0c295
|
fixed the name of the service that the openssh config is watched by
|
2014-01-09 04:54:49 -08:00 |
|
Kenny Do
|
07771c0ebf
|
Split the sshd_config and banner components into sub-states
|
2014-01-03 18:32:05 -08:00 |
|
Kenny Do
|
0a2468d87a
|
created a map.jinja and updated openssh state to use those values
|
2014-01-03 16:54:51 -08:00 |
|
Mark Eggert
|
2e229681c7
|
Adding a small variable to the OpenSSH sshd_config file so that the service will work correctly on Centos 6.4 and earlier
|
2014-01-03 00:11:17 -06:00 |
|
Mark Eggert
|
d35929876f
|
Modifying OpenSSH formula service name on RedHat since it is called 'sshd', not 'ssh'
|
2014-01-02 23:50:59 -06:00 |
|
Mark Eggert
|
92ac8a32aa
|
Modifying OpenSSH formula state to populate public/private DSA and RSA keys based on pillar data
|
2014-01-02 22:34:48 -06:00 |
|
brandonparsons
|
90ce0d262f
|
Specify the service name for ssh
Current code was asking for service 'openssh' which does not exist. It is 'ssh'. Specifying a name in the `service.running` block fixes this.
|
2013-12-05 05:57:21 -07:00 |
|
Thomas S Hatch
|
1224ee95f0
|
Add openssh files
|
2013-06-13 11:16:18 -06:00 |
|