adjust template to not leave behind so many empty lines

diff --git a/templates/sshd_config/Debian_normal.erb b/templates/sshd_config/Debian_normal.erb
index 0db99fbaa1753c522fd1c0bff4177760416be006..d33064ae3b74b3571db917cb72a5c6d913ea05c3 100644 (file)
--- a/templates/sshd_config/Debian_normal.erb
+++ b/templates/sshd_config/Debian_normal.erb
@@ -4,10 +4,10 @@
 # What ports, IPs and protocols we listen for
 
 <%- unless real_sshd_port.to_s.empty? then %>
-Port <%= real_sshd_port %>
-<%- else %>
+Port <%= real_sshd_port -%>
+<%- else -%>
 Port 22
-<%- end %>
+<%- end -%>
 
 # Use these options to restrict which interfaces/protocols sshd will bind to
 #ListenAddress ::
@@ -34,53 +34,53 @@ LogLevel INFO
 # Authentication:
 LoginGraceTime 600
 <%- unless real_sshd_permit_root_login.to_s.empty? then %>
-PermitRootLogin <%= real_sshd_permit_root_login %>
-<%- else %>
+PermitRootLogin <%= real_sshd_permit_root_login -%>
+<%- else -%>
 PermitRootLogin without-password
-<%- end %>
+<%- end -%>
 
 <%- if real_sshd_strict_modes.to_s == 'yes' then %>
 StrictModes yes
-<%- else %>
+<%- else -%>
 StrictModes no
-<%- end %>
+<%- end -%>
 
 <%- if real_sshd_rsa_authentication.to_s == 'yes' then %>
 RSAAuthentication yes
-<%- else %>
+<%- else -%>
 RSAAuthentication no
-<%- end %>
+<%- end -%>
 
 <%- if real_sshd_pubkey_authentication.to_s == 'yes' then %>
 PubkeyAuthentication yes
-<%- else %>
+<%- else -%>
 PubkeyAuthentication no
-<%- end %>
+<%- end -%>
 
 <%- unless real_sshd_authorized_keys_file.to_s.empty? then %>
 AuthorizedKeysFile <%= real_sshd_authorized_keys_file %>
-<%- else %>
+<%- else -%>
 AuthorizedKeysFile %h/.ssh/authorized_keys
-<%- end %>
+<%- end -%>
 
 # For this to work you will also need host keys in /etc/ssh_known_hosts
 <%- if real_sshd_rhosts_rsa_authentication.to_s == 'yes' then %>
 RhostsRSAAuthentication yes
-<%- else %>
+<%- else -%>
 RhostsRSAAuthentication no
 <% end -%>
 
 # Don't read the user's ~/.rhosts and ~/.shosts files
 <%- if real_sshd_ignore_rhosts.to_s == 'yes' then %>
 IgnoreRhosts yes
-<%- else %>
+<%- else -%>
 IgnoreRhosts no
 <% end -%>
 
 # similar for protocol version 2
 <%- if real_sshd_hostbased_authentication.to_s == 'yes' then %>
 HostbasedAuthentication yes
-<%- else %>
+<%- else -%>
 HostbasedAuthentication no
 <% end -%>
 
@@ -97,16 +97,16 @@ PermitEmptyPasswords no
 # Change to no to disable s/key passwords
 <%- if real_sshd_challenge_response_authentication.to_s == 'yes' then %>
 ChallengeResponseAuthentication yes
-<%- else %>
+<%- else -%>
 ChallengeResponseAuthentication no
-<%- end %>
+<%- end -%>
 
 # To disable tunneled clear text passwords, change to no here!
 <%- if real_sshd_password_authentication.to_s == 'yes' then %>
 PasswordAuthentication yes
-<%- else %>
+<%- else -%>
 PasswordAuthentication no
-<%- end %>
+<%- end -%>
 
 # To change Kerberos options
 #KerberosAuthentication no
@@ -119,9 +119,9 @@ PasswordAuthentication no
 
 <%- if real_sshd_x11_forwarding.to_s == 'yes' then %>
 X11Forwarding yes
-<%- else %>
+<%- else -%>
 X11Forwarding no
-<%- end %>
+<%- end -%>
 X11DisplayOffset 10
 KeepAlive yes
 #UseLogin no
@@ -143,27 +143,27 @@ KeepAlive yes
 # and ChallengeResponseAuthentication to 'no'.
 <%- if real_sshd_use_pam.to_s == 'yes' then %>
 UsePAM yes
-<%- else %>
+<%- else -%>
 UsePAM no
-<%- end %>
+<%- end -%>
 
 HostbasedUsesNameFromPacketOnly yes
 
 <%- if real_sshd_tcp_forwarding.to_s == 'yes' then %>
 AllowTcpForwarding yes
-<%- else %>
+<%- else -%>
 AllowTcpForwarding no
-<%- end %>
+<%- end -%>
 
 <%- if real_sshd_agent_forwarding.to_s == 'yes' then %>
 AllowAgentForwarding yes
-<%- else %>
+<%- else -%>
 AllowAgentForwarding no
-<%- end %>
+<%- end -%>
 
 ChallengeResponseAuthentication no
 
 <%- unless real_sshd_allowed_users.to_s.empty? then %>
-AllowUsers <%= real_sshd_allowed_users %>
-<%- end %>
+AllowUsers <%= real_sshd_allowed_users -%>
+<%- end -%>