puppet/ssh
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
417 Commits 1 Branch 0 Tags
Commit Graph

128 Commits

Author SHA1 Message Date
Bart-Jan Vrielink
9832dee0a0
Add for the possibility of an IPv6 address 
Also cover the case that there is no IPv4 address on an IPv6 only host.

Included are rspec tests for the sshkey resource

Test for correct host_aliases for the host's own sshkey resource.
3 possible combinations of IPv4 and IPv6 address are tested.
Not tested are:
- Virtual sshkey resources from other hosts.
- Other parameters for the sshkey resource (type, key)
- Non-default values for ssh_key_ensure and ssh_key_import.
 2019-04-29 16:15:14 +02:00
Asif Maqbool
1c0d3f6bdb Add RevokedKeys option to sshd_config 
Co-authored-by: Garrett Honeycutt <code@garretthoneycutt.com>
 2018-10-08 15:38:54 -04:00
Martin Alfke
ff11ca8a9b Disable ServerkeyBits on RHEL 7.4 and later 
fixes #244
replaces #259

update spec tests to test changes
mock operatingsystemrelease in default_facts
 2018-07-27 07:36:42 +02:00
Garrett Honeycutt
3d3121a183
Merge pull request #257 from baurmatt/AuthenticationMethods 
Add sshd_config_authenticationmethods parameter
 2017-12-10 20:59:25 -05:00
e.vanhazendonk
2ca1bdfcca Add support for AllowAgentForwarding option in sshd_config 2017-12-10 19:27:35 -05:00
Matthias Baur
bc4c8a82a6 Add sshd_config_authenticationmethods parameter 
This commit adds support for AuthenticationMethods by adding the
sshd_config_authenticationmethods parameter. Credits to @Saford91 for
the first implementation.
 2017-12-10 20:29:02 +01:00
Garrett Honeycutt
cc2d310436 (GH-251) Fix regex for sshd_config_maxstartups 2017-11-20 09:44:17 -05:00
Phil Friderici
1cc9edea3a Add config_entries parameter 
Uses create_resources() to create ssh::config_entry resources for the given hash.
Does respect hiera_merge parameter accordingly.
 2017-09-21 13:17:52 +00:00
Jeff McCune
68dd872428 Add ssh::config_entry defined type 
This patch adds a mechanism to manage ~/.ssh/config entries using the
concat module.
 2017-09-15 13:33:58 -04:00
David Hollinger
4cefc65069 Update hostcertificated to take both Strings and Arrays 2017-07-24 14:36:10 -05:00
David Hollinger
717a237cc0 Add parameter to set AuthorizedPrincipalsFile setting 2017-07-24 13:42:13 -05:00
David Hollinger
ec5141de84 Update HostCertificate to take an array of certs 2017-07-24 13:42:13 -05:00
Mears148
5368e52b30 Add PrintLastLog, UsePrivilegeSeparation, and Compression 2017-05-26 13:27:16 -04:00
Yoann Laissus
48576111c6 Make sure the ssh config dir is present before trying to define the known host file. 2017-05-18 15:25:38 +02:00
Garrett Honeycutt
84f0078a32 Allow sshd_config_trustedusercakeys to be 'none' as per the docs 2017-05-17 10:51:46 -04:00
David Hollinger
b67aefd3c4 Add support for HostCertificate and TrustedUserCAKeys settings in sshd_config 2017-05-17 10:47:04 -04:00
Martin Narkiewicz
4cf16192a5 Add support for PubkeyAcceptedKeyTypes option to sshd_config 2017-03-16 10:48:13 -07:00
Phil Friderici
b476a3f725 Enhance compatibility with Solaris 
Some OpenSSH parameters are not compatible with Solaris SSH.
They do break if they are included into the configuration file(s).

This patch does not include them by default on Solaris anymore.

Changed parameters:
sshd_config_tcp_keepalive   (TCPKeepAlive in sshd_config)
sshd_config_permittunnel    (PermitTunnel in sshd_config)
sshd_config_maxsessions     (MaxSessions  in sshd_config)
ssh_config_hash_known_hosts (HashKnownHosts in ssh_config)
 2017-02-27 09:10:12 +01:00
Björn Becker
326106b5c7 Remove join from validate_absolute_path for sshd_config_hostkey 2016-11-10 17:16:26 +01:00
Garrett Honeycutt
00829437ba Merge pull request #186 from andrei693/Expose_PermitTunnel_from_sshd_config 
Expose PermitTunnel from sshd_config
 2016-10-25 11:25:37 -04:00
Andrei Brezan
e044e4c89f Expose PermitTunnel from sshd_config 2016-10-24 17:18:25 +02:00
Garrett Honeycutt
6f34248977 Fixup mlosapio's contribution 2016-10-20 17:47:04 -04:00
Michael LoSapio
64008a427f Add support for ProxyCommand in ssh_config 2016-10-20 16:04:15 -04:00
43d6107949 adding support for KexAlgorithms 2016-10-19 14:01:24 -07:00
Bosse Andersson
f41d7966ab Add configurable param X11UseLocalhost to sshd_config 2016-10-04 12:55:06 +02:00
Garrett Honeycutt
d13c324001 Add support for Ubuntu 16.04 LTS 2016-08-28 20:55:00 -04:00
Andrei Brezan
d68ebec55d Expose TCPKeepAlive from sshd_config 2016-08-18 10:24:41 +02:00
jthiesfeld
cb09aedee6 Adding two new options for sshd_config PermitEmptyPasswords and 
PermitUserEnvironment
 2016-06-21 15:52:55 -05:00
Sergii Kipot
0d936a954c Add support for multiple files in GlobalKnownHostsFile ssh option 
Array option ssh_config_global_known_hosts_list implemented
 2016-06-15 20:36:58 +02:00
Sergii Kipot
5be19cd1d7 Add support for UserKnownHostsFile ssh option 
Array option ssh_config_user_known_hosts_file implemented
 2016-06-15 17:52:53 +02:00
Garrett Honeycutt
6e920cab49 Merge pull request #162 from andrei693/Add_multiple_ports_option_to_sshd_config_port 
Change sshd_config_port to support multiple port numbers
 2016-06-09 16:47:25 -04:00
Andrei Brezan
1c78f1e732 Change sshd_config_port to support multiple port numbers, string/integer/array 2016-06-09 12:41:12 +02:00
Florian Faltermeier
49c799afb3 add support for PubkeyAuthentication in sshd_config 2016-06-08 15:25:24 +02:00
Florian Faltermeier
b0b245e2ed add host_aliases attribute to sshkey resource 2016-06-07 10:49:37 +02:00
Florian Faltermeier
a7a15c203e allow ecdsa-sha2-nistp256 hostkeys 2016-06-07 09:15:06 +02:00
Garrett Honeycutt
cbc1db4819 Merge pull request #170 from ghoneycutt/maxauthtries 
Add param to manage MaxAuthTries in sshd_config
 2016-06-06 13:56:21 -04:00
jthiesfeld
e1841e04d8 Add param to manage MaxAuthTries in sshd_config 2016-06-06 12:49:20 -04:00
Nasredine Bentoumi
c04c0cca92 Fix Solaris ssh issue - AddressFamily not supported 2016-06-06 12:27:48 -04:00
Garrett Honeycutt
88f857d6b6 Work with apazga on adding config options for ssh_config 2016-06-04 10:42:02 -04:00
Abel Paz
b48e066f21 Additional parameters for ssh_config 
To allow the following options to be configured in ssh_config
* StrictHostKeyChecking
* EnableSSHKeysign
* HostbasedAuthentication for ssh_client
 2016-06-04 10:36:17 -04:00
Phil Friderici
bbdb6d4f5e Enhance Puppet v4 compatibility 2016-02-24 12:02:22 +01:00
Anders Larsson
32bdfdd20d Add UseRoaming only on supported ssh versions 
Facts ssh_version and ssh_version_numeric is now used in the decision of
including UseRoaming in ssh_version.
 2016-02-23 11:58:48 +01:00
Phil Friderici
38260e68c4 Set UseRoaming parameter only on Linux clients 
- add variable validation
- add tests
 2016-01-15 15:16:09 +01:00
Michael Merideth
7da166afb8 mitigate client bugs CVE-2016-0777 and CVE-2016-0778 2016-01-14 14:31:12 -07:00
Garrett Honeycutt
32c633f5a5 Use community puppet-lint plugins and conform code to them 2015-12-15 16:10:04 -05:00
Tom De Vylder
8876844637 Add parameter sshd_addressfamily 2015-12-10 09:59:19 -05:00
Daniel Fairhurst
e67cea8e24 Add a parameter to allow disabling management of the ssh service 2015-10-15 13:13:11 -04:00
Phil Friderici
45ef1ddbaa add default SFTP subsystem for SLES12 2015-10-07 15:28:54 +02:00
Roy Williams
e649f71ef9 Add support for KerberosAuthentication option in sshd. 2015-09-03 15:01:30 -04:00
Phil Friderici (ephifre)
0de49e43f7 fix for hiera_array() always returning an empty array 2015-08-11 13:35:42 +02:00