Merge branch 'master' of git://labs.riseup.net/shared-sshd

author Silvio Rhatto <rhatto@riseup.net>

Wed, 13 Jul 2011 21:39:18 +0000 (18:39 -0300)

committer Silvio Rhatto <rhatto@riseup.net>

Wed, 13 Jul 2011 21:39:18 +0000 (18:39 -0300)
author Silvio Rhatto <rhatto@riseup.net>
Wed, 13 Jul 2011 21:39:18 +0000 (18:39 -0300)
committer Silvio Rhatto <rhatto@riseup.net>
Wed, 13 Jul 2011 21:39:18 +0000 (18:39 -0300)
diff --cc manifests/init.pp

index bfefaab67ee2d4cef01e278aa5bfa959064f6be4,e933a46b8ab53f267f323e703667af1567c2034a..af25e9ebd661ce8ec6c4708457de19590430d0a2
--- 1/manifests/init.pp
--- 2/manifests/init.pp
+++ b/manifests/init.pp
@@@ -89,17 -92,8 +92,17 @@@ class sshd 
     case $sshd_ensure_version {
       '': { $sshd_ensure_version = "present" }
     }
+ +  case $sshd_print_motd {
+ +    '': { $sshd_print_motd = "yes" }
+ +  }
+ +  case $sshd_shared_ip {
+ +    '': { $sshd_shared_ip = "no" }
+ +  }
+ +  case $sshd_use_strong_ciphers {
+ +    '': { $sshd_use_strong_ciphers = "no" }
+ +  }
   
-   include sshd::client 
+   include sshd::client
   
     case $operatingsystem {
       gentoo: { include sshd::gentoo }
diff --cc templates/sshd_config/CentOS.erb
Simple merge
diff --cc templates/sshd_config/Debian_etch.erb

index 562b1efb2038e48bf617faec1dfc182c76c40b7e,23559fcb62e1f68abddf9d1546e65970c653a7dd..93fefc27c30b3824e8bdac9d07aae7069a4ba941
--- 1/templates/sshd_config/Debian_etch.erb
--- 2/templates/sshd_config/Debian_etch.erb
+++ b/templates/sshd_config/Debian_etch.erb
@@@ -174,10 -170,13 +170,15 @@@ AllowUsers <%= sshd_allowed_users -%
   AllowGroups <%= sshd_allowed_groups %>
   <%- end %>
   
- -PrintMotd no
+ +<%- if sshd_print_motd.to_s == 'no' then -%>
+ +  PrintMotd no
+ +<%- end -%>
   
+ <%- if sshd_hardened_ssl.to_s == 'yes' then -%>
+ Ciphers aes256-ctr
+ MACs hmac-sha1
+ <%- end -%>
+ 
   <%- unless sshd_tail_additional_options.to_s.empty? then %>
   <%= sshd_tail_additional_options %>
   <%- end %>
diff --cc templates/sshd_config/Debian_lenny.erb

index 022d2d9911efec23df7296f51cccaab5b23c40dd,65befdcad1859fb12af9a8ca69a9d55bc7bcfcd2..0c551e5f7f45464e35dc0fac0c1b45dc02858128
--- 1/templates/sshd_config/Debian_lenny.erb
--- 2/templates/sshd_config/Debian_lenny.erb
+++ b/templates/sshd_config/Debian_lenny.erb
@@@ -181,10 -179,13 +179,15 @@@ AllowUsers <%= sshd_allowed_users -%
   AllowGroups <%= sshd_allowed_groups %>
   <%- end %>
   
+ +<%- if sshd_print_motd.to_s == 'no' then -%>
   PrintMotd no
+ +<%- end -%>
   
+ <%- if sshd_hardened_ssl.to_s == 'yes' then -%>
+ Ciphers aes256-ctr
+ MACs hmac-sha1
+ <%- end -%>
+ 
   <%- unless sshd_tail_additional_options.to_s.empty? then %>
   <%= sshd_tail_additional_options %>
   <%- end %>
diff --cc templates/sshd_config/Debian_squeeze.erb
Simple merge
diff --cc templates/sshd_config/Gentoo.erb
Simple merge
diff --cc templates/sshd_config/OpenBSD.erb
Simple merge
author	Silvio Rhatto <rhatto@riseup.net>
	Wed, 13 Jul 2011 21:39:18 +0000 (18:39 -0300)
committer	Silvio Rhatto <rhatto@riseup.net>
	Wed, 13 Jul 2011 21:39:18 +0000 (18:39 -0300)
		1	2
manifests/init.pp	patch \|	diff1 \|	diff2 \|	blob \| history
templates/sshd_config/CentOS.erb	patch \|	diff1 \|	diff2 \|	blob \| history
templates/sshd_config/Debian_etch.erb	patch \|	diff1 \|	diff2 \|	blob \| history
templates/sshd_config/Debian_lenny.erb	patch \|	diff1 \|	diff2 \|	blob \| history
templates/sshd_config/Debian_squeeze.erb	patch \|	diff1 \|	diff2 \|	blob \| history
templates/sshd_config/Gentoo.erb	patch \|	diff1 \|	diff2 \|	blob \| history
templates/sshd_config/OpenBSD.erb	patch \|	diff1 \|	diff2 \|	blob \| history