saltstack-formulas/openssh-formula
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
189 Commits 3 Branches 27 Tags
Commit Graph

104 Commits

Author SHA1 Message Date
Alexander Weidinger
674216d0ad openssh.auth_map 2017-03-04 14:21:53 +01:00
Alexander Weidinger
66c954ed66 Set correct ssh(d)_config_group for *BSD 2017-03-04 14:20:07 +01:00
amendlik
6d6c7a0ead Merge branch 'master' into file-mode 2017-02-25 06:40:30 -07:00
Niels Abspoel
044d4d646b Merge pull request #81 from leansalt/pillar-example-update 
Add secure defaults to pillar.example + secure sshd_config in defaults.yml #66
 2017-02-25 12:30:37 +01:00
ek9
038a51cdc8 manage sshd_config and ssh_config only if pillars are defined 2017-02-24 21:13:52 +01:00
ek9
c03e29a498 remove Kex,MACs,Ciphers from defaults 2017-02-24 21:13:35 +01:00
Adam Mendlik
613bea2cac Add variables for file owner and mode 2017-02-23 14:56:22 -07:00
Alexander Weidinger
70461403cb known_hosts: sort IP addresses 
in order to prevent unnecessary changes due to
random ordering of dig results.
 2017-02-23 03:59:40 +01:00
Alexander Weidinger
678cc9066c PrintLastLog missing in FreeBSD 10.3 2017-02-23 01:19:21 +01:00
ek9
f5a74f3fa0 defaults: enable secure defaults on sshd_config 2017-02-19 14:45:12 +01:00
Javier Bértoli
2db9253c45 Merge pull request #82 from pepoluan/allow_list_or_string 
Allow list or string for some option, and setting of ConfigBanner
 2017-02-07 07:26:44 -03:00
Eric Cook
f4ea96f9c1 setup sftp correctly on RedHat-like machines 2017-01-24 18:17:15 -05:00
Pandu E Poluan
773d9ae092 Apply string-or-list processing to ssh_config 
Now ssh_config also accepts string-or-list options, for serveral
keywords.
 2017-01-24 01:34:24 +07:00
Pandu E Poluan
30648d115e Add macro to handle string or list 
Added a macro to handle multivalue options entered in either string
format or list format (with auto joiner).
 2017-01-24 01:17:51 +07:00
Brian Jackson
b9689cedff Merge pull request #79 from leansalt/server-service-control 
Add ability to control SSH server service status (default: on)
 2017-01-15 21:48:04 -08:00
Eric Cook
686fc2c4ee do not set UsePAM on OpenBSD 
Upstream opensshd does not support PAM
 2017-01-14 18:38:37 -05:00
Simon Pirschel
1b69ecab2c fix issue with stripping new line will result in invalid SLS definition if AuthorizedKeysFile is missing in sshd_config 2016-11-02 15:21:50 +01:00
Simon Pirschel
2a1b8fbc66 fix issue sshd won't start if AddressFamily is specified, because it must be defined before ListenAddress 2016-11-01 13:24:30 +01:00
Forrest
ec663a6f5e Merge pull request #51 from mathieupotier/master 
Put ssh keys on configured path in sshd_config (AuthorizedKeysFile)
 2016-10-31 09:32:50 -07:00
Eric Cook
51fd8b1391 fix Subsystem directive on archlinux 2016-10-30 00:06:02 -04:00
omltorg
de66dbee97 Update name of package containing dig on ArchLinux 2016-10-14 22:25:56 +00:00
Johannes Löthberg
02b52fa7cf Add AuthorizedKeysCommand support 
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
 2016-10-01 20:53:44 +02:00
Mathieu POTIER
760a2ad277 fix the path to authkeys 
Allow user to specify aliased path (with %u)
 2016-08-02 09:54:46 +02:00
Mathieu POTIER
4c814843f8 Merge remote-tracking branch 'refs/remotes/saltstack-formulas/master' 2016-08-02 09:46:08 +02:00
Pandu E Poluan
e6603ae62a Allow moduli to be pulled as file 
Added Jinja logic to allow the option to pull the moduli from an online source.
 2016-08-01 23:59:11 +07:00
Lev Lozhkin
781be61881 Convert dig exist check to unless req 2016-07-19 13:23:48 -07:00
Jonathon Anderson
87057c7c6b Correct openssh-clients package name for Red Hat 2016-07-01 23:53:00 -06:00
Niels Abspoel
641851632f add more authentication options 2016-05-26 21:57:02 +02:00
Matthieu DERASSE
3542a1f534 Implement Session idle time out 2016-05-25 00:06:45 +02:00
Forrest
22037f7b8b Merge pull request #63 from llua/arch_bind_utils 
set dig_pkg on arch linux for issue #59
 2016-05-09 20:52:42 -07:00
Eric Cook
dfb04a43b4 set dig_pkg on arch linux for issue #59 2016-05-09 23:47:57 -04:00
llua
bd8d46d784 add OpenBSD to map.jinja 2016-05-09 23:44:20 -04:00
Forrest
f7c84783f0 Merge pull request #61 from babilen/relax-ssh-defaults 
Drop overly biased ssh_config defaults
 2016-05-04 12:32:48 -07:00
Wolodja Wentland
49923a6371 Drop overly opinionated ssh_config defaults 
This set of options reflect the ssh_config options that are set by
default on Debian. The way this was set before has the potential to
break exisisting setups that rely on "normal" defaults, rather than the
rather opinionated ones that are now being shipped with this formula.
 2016-05-04 18:25:01 +02:00
Simon Lloyd
daed52de19 Add sshd_config to map.jinja and check if dig command is available before installing 'dig' package. 2016-04-19 02:53:14 +02:00
Theo Chatzimichos
0abbaac60d Fix the default Subystem sftp-server path for SLE 2016-03-23 14:41:25 +01:00
Nigel Sim
1e515b0f5d make the host option rendering support lists by refactoring the main option rendering code 
put the ssh_config Host:* options in the defaults file so they can be overridden
 2016-01-14 02:57:45 +00:00
ketzacoatl
143451eb19 Add support for Host definitions in ssh_config 
This gives us the ability to define system-wide definitions for specific Hosts, and their options.

For example, with this in pillar:

```
# this is the place for host-wide SSH config
ssh_config:
  ...
  Hosts:
    # this simplifies cloning with custom params
    # eg: git clone my-git:foo/bar
    my-git:
      User: git
      HostName: git.example.com
      Port: 2222
```

This would add a section in `/etc/ssh/ssh_config`:

```
Host my-git
    User git
    HostName git.example.com
    Port 2222
```
 2016-01-02 18:12:55 -05:00
ek9
33344743b0 Add ability to control SSH server status (default: on) 2015-12-27 18:17:01 +01:00
abednarik
b813b4b52a Replaced iteritems deprecated function with items 2015-11-30 09:25:28 -03:00
abednarik
3791b11380 Added default path for sftp Subsystem in FreeBSD 2015-11-29 15:56:17 -03:00
POTIER Mathieu
f55445211c Specify config clause only if defined in pillar. 
Signed-off-by: POTIER Mathieu <mathieu.potier@onzeway.eu>
 2015-11-18 20:33:50 +01:00
POTIER Mathieu
dda1fb5128 Put ssh keys on configured path in sshd_config (AuthorizedKeysFile) 
Signed-off-by: POTIER Mathieu <mathieu.potier@onzeway.eu>
 2015-11-17 11:09:37 +01:00
Bogdan Radulescu
13cf374efe Added configuration options for ssh_config 
Made a small change to reflect the default sshd_config
 2015-10-01 15:21:16 +00:00
Bogdan Radulescu
fd4381b769 The default value for ServerKeyBits is 1024 both upstream and in distros 2015-07-30 12:27:05 +00:00
René Jochum
c27f9a81f3 Use iteritems() instead of items(). 
Signed-off-by: René Jochum <rene@jochums.at>
 2015-07-13 16:00:22 +02:00
René Jochum
064d489f41 Use iteritems() instead of items(). 
Signed-off-by: René Jochum <rene@jochums.at>
 2015-07-13 15:59:44 +02:00
René Jochum
a013b79027 Use iteritems() instead of items(). 
Signed-off-by: René Jochum <rene@jochums.at>
 2015-07-13 15:56:25 +02:00
elfixit
18ba94d0fc add options to give a key size to generate_key 2015-07-12 18:09:26 +02:00
Ingo Bente
a927107b28 Adds support to customize /etc/ssh/moduli file 2015-07-02 19:09:41 +02:00