93 lines
3.1 KiB
Plaintext
93 lines
3.1 KiB
Plaintext
# This file is being maintained by Puppet.
|
|
# DO NOT EDIT
|
|
|
|
# $OpenBSD: ssh_config,v 1.21 2005/12/06 22:38:27 reyk Exp $
|
|
|
|
# This is the ssh client system-wide configuration file. See
|
|
# ssh_config(5) for more information. This file provides defaults for
|
|
# users, and the values can be changed in per-user configuration files
|
|
# or on the command line.
|
|
|
|
# Configuration data is parsed as follows:
|
|
# 1. command line options
|
|
# 2. user-specific file
|
|
# 3. system-wide file
|
|
# Any configuration value is only changed the first time it is set.
|
|
# Thus, host-specific definitions should be at the beginning of the
|
|
# configuration file, and defaults at the end.
|
|
|
|
# Site-wide defaults for some commonly used options. For a comprehensive
|
|
# list of available options, their meanings and defaults, please see the
|
|
# ssh_config(5) man page.
|
|
|
|
# Host *
|
|
# ForwardAgent no
|
|
# ForwardX11 no
|
|
# RhostsRSAAuthentication no
|
|
# RSAAuthentication yes
|
|
PasswordAuthentication yes
|
|
PubkeyAuthentication yes
|
|
# HostbasedAuthentication no
|
|
# BatchMode no
|
|
# CheckHostIP yes
|
|
# AddressFamily any
|
|
# ConnectTimeout 0
|
|
# StrictHostKeyChecking ask
|
|
# IdentityFile ~/.ssh/identity
|
|
IdentityFile ~/.ssh/id_rsa
|
|
IdentityFile ~/.ssh/id_dsa
|
|
# Port 22
|
|
Protocol 2
|
|
# Cipher 3des
|
|
# Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc
|
|
<% if @ssh_config_ciphers -%>
|
|
Ciphers <%= @ssh_config_ciphers.join(',') %>
|
|
<% end -%>
|
|
# EscapeChar ~
|
|
# Tunnel no
|
|
# TunnelDevice any:any
|
|
# PermitLocalCommand no
|
|
# HashKnownHosts no
|
|
<% if @ssh_config_hash_known_hosts_real != nil -%>
|
|
HashKnownHosts <%= @ssh_config_hash_known_hosts_real %>
|
|
<% end -%>
|
|
<% if @ssh_config_global_known_hosts_file -%>
|
|
GlobalKnownHostsFile <%= @ssh_config_global_known_hosts_file %>
|
|
<% end -%>
|
|
Host *
|
|
# GSSAPIAuthentication yes
|
|
GSSAPIAuthentication <%= @ssh_gssapiauthentication %>
|
|
<% if @ssh_gssapidelegatecredentials != nil -%>
|
|
GSSAPIDelegateCredentials <%= @ssh_gssapidelegatecredentials %>
|
|
<% end -%>
|
|
# If this option is set to yes then remote X11 clients will have full access
|
|
# to the original X11 display. As virtually no X11 client supports the untrusted
|
|
# mode correctly we set this to yes.
|
|
<% if @ssh_config_forward_x11_trusted_real != nil -%>
|
|
ForwardX11Trusted <%= @ssh_config_forward_x11_trusted_real %>
|
|
<% end -%>
|
|
<% if @ssh_config_forward_agent != nil -%>
|
|
ForwardAgent <%= @ssh_config_forward_agent %>
|
|
<% end -%>
|
|
<% if @ssh_config_forward_x11 != nil -%>
|
|
ForwardX11 <%= @ssh_config_forward_x11 %>
|
|
<% end -%>
|
|
<% if @ssh_config_use_roaming != nil -%>
|
|
UseRoaming <%= @ssh_config_use_roaming %>
|
|
<% end -%>
|
|
<% if @ssh_config_server_alive_interval != nil -%>
|
|
ServerAliveInterval <%= @ssh_config_server_alive_interval %>
|
|
<% end -%>
|
|
<% if @ssh_sendenv_real == true -%>
|
|
# Send locale-related environment variables
|
|
SendEnv LANG LANGUAGE LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
|
|
SendEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
|
|
SendEnv LC_IDENTIFICATION LC_ALL
|
|
<% if @ssh_config_sendenv_xmodifiers_real == true -%>
|
|
SendEnv XMODIFIERS
|
|
<% end -%>
|
|
<% end -%>
|
|
<% if @ssh_config_macs -%>
|
|
MACs <%= @ssh_config_macs.join(',') %>
|
|
<% end -%>
|