]> gitweb.fluxo.info Git - puppet-sshd.git/commitdiff
projects / puppet-sshd.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 7834a2f)
OpenSSH HMAC: SHA1 -> SHA2-512 (suggested by duraconf)
authorSilvio Rhatto <rhatto@riseup.net>
Tue, 16 Jul 2013 18:26:56 +0000 (15:26 -0300)
committerSilvio Rhatto <rhatto@riseup.net>
Tue, 16 Jul 2013 18:26:56 +0000 (15:26 -0300)
12 files changed:
templates/sshd_config/CentOS.erb patch | blob | history
templates/sshd_config/CentOS_Final.erb patch | blob | history
templates/sshd_config/Debian_etch.erb patch | blob | history
templates/sshd_config/Debian_lenny.erb patch | blob | history
templates/sshd_config/Debian_sid.erb patch | blob | history
templates/sshd_config/Debian_squeeze.erb patch | blob | history
templates/sshd_config/Debian_wheezy.erb patch | blob | history
templates/sshd_config/FreeBSD.erb patch | blob | history
templates/sshd_config/Gentoo.erb patch | blob | history
templates/sshd_config/OpenBSD.erb patch | blob | history
templates/sshd_config/Ubuntu.erb patch | blob | history
templates/sshd_config/Ubuntu_lucid.erb patch | blob | history

diff --git a/templates/sshd_config/CentOS.erb b/templates/sshd_config/CentOS.erb
index 0f4bb1f8df5c6f2c0675a3c5aa56b98aab6b6bb2..7498517083ce96cc31dda0b54f38acbee2c7a8c3 100644 (file)
--- a/templates/sshd_config/CentOS.erb
+++ b/templates/sshd_config/CentOS.erb
@@ -146,7 +146,7 @@ AllowGroups <%= s %>
 
 <% if scope.lookupvar('sshd::hardened_ssl') == 'yes' -%>
 Ciphers aes256-ctr
-MACs hmac-sha1
+MACs hmac-sha2-512
 <% end -%>
 
 <% unless (s=scope.lookupvar('sshd::tail_additional_options')).empty? -%>
diff --git a/templates/sshd_config/CentOS_Final.erb b/templates/sshd_config/CentOS_Final.erb
index 0f4bb1f8df5c6f2c0675a3c5aa56b98aab6b6bb2..7498517083ce96cc31dda0b54f38acbee2c7a8c3 100644 (file)
--- a/templates/sshd_config/CentOS_Final.erb
+++ b/templates/sshd_config/CentOS_Final.erb
@@ -146,7 +146,7 @@ AllowGroups <%= s %>
 
 <% if scope.lookupvar('sshd::hardened_ssl') == 'yes' -%>
 Ciphers aes256-ctr
-MACs hmac-sha1
+MACs hmac-sha2-512
 <% end -%>
 
 <% unless (s=scope.lookupvar('sshd::tail_additional_options')).empty? -%>
diff --git a/templates/sshd_config/Debian_etch.erb b/templates/sshd_config/Debian_etch.erb
index ef4a5d106dd62a89eeceace0c9e62badb3385bbf..75b29318acf1fabb5bebda66837c93de6063223a 100644 (file)
--- a/templates/sshd_config/Debian_etch.erb
+++ b/templates/sshd_config/Debian_etch.erb
@@ -114,7 +114,7 @@ PrintMotd <%= scope.lookupvar('sshd::print_motd') %>
 
 <% if scope.lookupvar('sshd::hardened_ssl') == 'yes' -%>
 Ciphers aes256-ctr
-MACs hmac-sha1
+MACs hmac-sha2-512
 <% end -%>
 
 <% unless (s=scope.lookupvar('sshd::tail_additional_options')).empty? -%>
diff --git a/templates/sshd_config/Debian_lenny.erb b/templates/sshd_config/Debian_lenny.erb
index 8cbea306b12d988a3183b0208b23fb79af4cdf1d..3aaf974d3efa97c1e1b222f283c661ebe7367044 100644 (file)
--- a/templates/sshd_config/Debian_lenny.erb
+++ b/templates/sshd_config/Debian_lenny.erb
@@ -119,7 +119,7 @@ PrintMotd <%= scope.lookupvar('sshd::print_motd') %>
 
 <% if scope.lookupvar('sshd::hardened_ssl') == 'yes' -%>
 Ciphers aes256-ctr
-MACs hmac-sha1
+MACs hmac-sha2-512
 <% end -%>
 
 <% unless (s=scope.lookupvar('sshd::tail_additional_options')).empty? -%>
diff --git a/templates/sshd_config/Debian_sid.erb b/templates/sshd_config/Debian_sid.erb
index 70bb4bfc6799e34269faee2e8085c7681d319186..60c15fa841e97c9a8c698cf2048f37c536ba1f32 100644 (file)
--- a/templates/sshd_config/Debian_sid.erb
+++ b/templates/sshd_config/Debian_sid.erb
@@ -115,7 +115,7 @@ AllowGroups <%= s %>
 
 <% if scope.lookupvar('sshd::hardened_ssl') == 'yes' -%>
 Ciphers aes256-ctr
-MACs hmac-sha1
+MACs hmac-sha2-512
 <% end -%>
 
 <% unless (s=scope.lookupvar('sshd::tail_additional_options')).empty? -%>
diff --git a/templates/sshd_config/Debian_squeeze.erb b/templates/sshd_config/Debian_squeeze.erb
index befd25fe7e9841b9a676afdeb01e37c28d12866b..40040d1b0a01969e5bbfaf28bcd6a919605e0797 100644 (file)
--- a/templates/sshd_config/Debian_squeeze.erb
+++ b/templates/sshd_config/Debian_squeeze.erb
@@ -115,7 +115,7 @@ AllowGroups <%= s %>
 
 <% if scope.lookupvar('sshd::hardened_ssl') == 'yes' -%>
 Ciphers aes256-ctr
-MACs hmac-sha1
+MACs hmac-sha2-512
 <% end -%>
 
 <% unless (s=scope.lookupvar('sshd::tail_additional_options')).empty? -%>
diff --git a/templates/sshd_config/Debian_wheezy.erb b/templates/sshd_config/Debian_wheezy.erb
index 70bb4bfc6799e34269faee2e8085c7681d319186..60c15fa841e97c9a8c698cf2048f37c536ba1f32 100644 (file)
--- a/templates/sshd_config/Debian_wheezy.erb
+++ b/templates/sshd_config/Debian_wheezy.erb
@@ -115,7 +115,7 @@ AllowGroups <%= s %>
 
 <% if scope.lookupvar('sshd::hardened_ssl') == 'yes' -%>
 Ciphers aes256-ctr
-MACs hmac-sha1
+MACs hmac-sha2-512
 <% end -%>
 
 <% unless (s=scope.lookupvar('sshd::tail_additional_options')).empty? -%>
diff --git a/templates/sshd_config/FreeBSD.erb b/templates/sshd_config/FreeBSD.erb
index 090149b8ea01a5379373887127b6e05239c354e1..81b7e10285497a3047f852e79e347ea9506e7dfd 100644 (file)
--- a/templates/sshd_config/FreeBSD.erb
+++ b/templates/sshd_config/FreeBSD.erb
@@ -153,7 +153,7 @@ AllowGroups <%= s %>
 
 <% if scope.lookupvar('sshd::hardened_ssl') == 'yes' -%>
 Ciphers aes256-ctr
-MACs hmac-sha1
+MACs hmac-sha2-512
 <% end -%>
 
 <% unless (s=scope.lookupvar('sshd::tail_additional_options')).empty? -%>
diff --git a/templates/sshd_config/Gentoo.erb b/templates/sshd_config/Gentoo.erb
index 1cb45227c7a707db210d8b004629e61076c0a388..cdd51d845bb1a3ba0af9887d0116db8ad68efd0a 100644 (file)
--- a/templates/sshd_config/Gentoo.erb
+++ b/templates/sshd_config/Gentoo.erb
@@ -149,7 +149,7 @@ AllowGroups <%= s %>
 
 <% if scope.lookupvar('sshd::hardened_ssl') == 'yes' -%>
 Ciphers aes256-ctr
-MACs hmac-sha1
+MACs hmac-sha2-512
 <% end -%>
 
 <% unless (s=scope.lookupvar('sshd::tail_additional_options')).empty? -%>
diff --git a/templates/sshd_config/OpenBSD.erb b/templates/sshd_config/OpenBSD.erb
index aa92eb66a983924c3bb10f959adbd8d11874c071..ea6e8a859068e4d76879549df1b78b005bbc2da9 100644 (file)
--- a/templates/sshd_config/OpenBSD.erb
+++ b/templates/sshd_config/OpenBSD.erb
@@ -130,7 +130,7 @@ AllowGroups <%= s %>
 
 <% if scope.lookupvar('sshd::hardened_ssl') == 'yes' -%>
 Ciphers aes256-ctr
-MACs hmac-sha1
+MACs hmac-sha2-512
 <% end -%>
 
 <% unless (s=scope.lookupvar('sshd::tail_additional_options')).empty? -%>
diff --git a/templates/sshd_config/Ubuntu.erb b/templates/sshd_config/Ubuntu.erb
index befd25fe7e9841b9a676afdeb01e37c28d12866b..40040d1b0a01969e5bbfaf28bcd6a919605e0797 100644 (file)
--- a/templates/sshd_config/Ubuntu.erb
+++ b/templates/sshd_config/Ubuntu.erb
@@ -115,7 +115,7 @@ AllowGroups <%= s %>
 
 <% if scope.lookupvar('sshd::hardened_ssl') == 'yes' -%>
 Ciphers aes256-ctr
-MACs hmac-sha1
+MACs hmac-sha2-512
 <% end -%>
 
 <% unless (s=scope.lookupvar('sshd::tail_additional_options')).empty? -%>
diff --git a/templates/sshd_config/Ubuntu_lucid.erb b/templates/sshd_config/Ubuntu_lucid.erb
index cc6e921b4d28d59545ffae0711908fd60d65ec29..4d5f6405de583bfa378d5fff6c4dbf69d79ddce5 100644 (file)
--- a/templates/sshd_config/Ubuntu_lucid.erb
+++ b/templates/sshd_config/Ubuntu_lucid.erb
@@ -118,7 +118,7 @@ PrintMotd <%= scope.lookupvar('sshd::print_motd') %>
 
 <% if scope.lookupvar('sshd::hardened_ssl') == 'yes' -%>
 Ciphers aes256-ctr
-MACs hmac-sha1
+MACs hmac-sha2-512
 <% end -%>
 
 <% unless (s=scope.lookupvar('sshd::tail_additional_options')).empty? -%>
Puppet module for sshd