Enable $ssh_hardened_ssl for FreeBSD

It is the only sshd_config template that didn't have this option, so
copy it from the other templates.

Signed-off-by: Gabriel Filion <lelutin@gmail.com>

diff --git a/templates/sshd_config/FreeBSD.erb b/templates/sshd_config/FreeBSD.erb
index 6714003e2027df116d3a98456ccdd174a69baf48..38738bca79f2c2f99daa859e218a5cfc21b297bf 100644 (file)
--- a/templates/sshd_config/FreeBSD.erb
+++ b/templates/sshd_config/FreeBSD.erb
@@ -232,6 +232,11 @@ AllowUsers <%= sshd_allowed_users -%>
 AllowGroups <%= sshd_allowed_groups %>
 <%- end %>
 
+<%- if sshd_hardened_ssl.to_s == 'yes' then -%>
+Ciphers aes256-ctr
+MACs hmac-sha1
+<%- end -%>
+
 <%- unless sshd_tail_additional_options.to_s.empty? then %>
 <%= sshd_tail_additional_options %>
 <%- end %>