# This file is being maintained by Puppet. # DO NOT EDIT # $OpenBSD: ssh_config,v 1.21 2005/12/06 22:38:27 reyk Exp $ # This is the ssh client system-wide configuration file. See # ssh_config(5) for more information. This file provides defaults for # users, and the values can be changed in per-user configuration files # or on the command line. # Configuration data is parsed as follows: # 1. command line options # 2. user-specific file # 3. system-wide file # Any configuration value is only changed the first time it is set. # Thus, host-specific definitions should be at the beginning of the # configuration file, and defaults at the end. # Site-wide defaults for some commonly used options. For a comprehensive # list of available options, their meanings and defaults, please see the # ssh_config(5) man page. # Host * # ForwardAgent no # ForwardX11 no # RhostsRSAAuthentication no # RSAAuthentication yes PasswordAuthentication yes PubkeyAuthentication yes # HostbasedAuthentication no <% if @ssh_hostbasedauthentication -%> HostbasedAuthentication <%= @ssh_hostbasedauthentication %> <% end -%> # BatchMode no # CheckHostIP yes # AddressFamily any # ConnectTimeout 0 # StrictHostKeyChecking ask <% if @ssh_strict_host_key_checking -%> StrictHostKeyChecking <%= @ssh_strict_host_key_checking %> <% end -%> # IdentityFile ~/.ssh/identity IdentityFile ~/.ssh/id_rsa IdentityFile ~/.ssh/id_dsa # Port 22 Protocol 2 # Cipher 3des # Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc <% if @ssh_config_ciphers -%> Ciphers <%= @ssh_config_ciphers.join(',') %> <% end -%> <% if @ssh_config_kexalgorithms -%> KexAlgorithms <%= @ssh_config_kexalgorithms.join(',') %> <% end -%> # EscapeChar ~ # Tunnel no # TunnelDevice any:any # PermitLocalCommand no # HashKnownHosts no <% if @ssh_config_hash_known_hosts_real != nil -%> HashKnownHosts <%= @ssh_config_hash_known_hosts_real %> <% end -%> <% if @ssh_config_global_known_hosts_list_real -%> GlobalKnownHostsFile <%= @ssh_config_global_known_hosts_list_real.join(' ') %> <% end -%> <% if @ssh_config_proxy_command -%> ProxyCommand <%= @ssh_config_proxy_command %> <% end -%> Host * # GSSAPIAuthentication yes GSSAPIAuthentication <%= @ssh_gssapiauthentication %> <% if @ssh_gssapidelegatecredentials != nil -%> GSSAPIDelegateCredentials <%= @ssh_gssapidelegatecredentials %> <% end -%> # If this option is set to yes then remote X11 clients will have full access # to the original X11 display. As virtually no X11 client supports the untrusted # mode correctly we set this to yes. <% if @ssh_config_forward_x11_trusted_real != nil -%> ForwardX11Trusted <%= @ssh_config_forward_x11_trusted_real %> <% end -%> <% if @ssh_config_forward_agent != nil -%> ForwardAgent <%= @ssh_config_forward_agent %> <% end -%> <% if @ssh_config_forward_x11 != nil -%> ForwardX11 <%= @ssh_config_forward_x11 %> <% end -%> <% if (@ssh_config_use_roaming_real == 'yes') or (@ssh_config_use_roaming_real == 'no') -%> UseRoaming <%= @ssh_config_use_roaming_real %> <% end -%> <% if @ssh_config_server_alive_interval != nil -%> ServerAliveInterval <%= @ssh_config_server_alive_interval %> <% end -%> <% if @ssh_sendenv_real == true -%> # Send locale-related environment variables SendEnv LANG LANGUAGE LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES SendEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT SendEnv LC_IDENTIFICATION LC_ALL <% if @ssh_config_sendenv_xmodifiers_real == true -%> SendEnv XMODIFIERS <% end -%> <% end -%> <% if @ssh_config_macs -%> MACs <%= @ssh_config_macs.join(',') %> <% end -%> <% if not @ssh_enable_ssh_keysign.nil? -%> # EnableSSHKeysign no EnableSSHKeysign <%= @ssh_enable_ssh_keysign %> <% end -%> <% if @ssh_config_user_known_hosts_file -%> UserKnownHostsFile <%= @ssh_config_user_known_hosts_file.join(' ') %> <% end -%>