From: Silvio Rhatto <rhatto@riseup.net>
Date: Wed, 23 Feb 2011 17:25:18 +0000 (-0300)
Subject: Changing parameter name sshd_perfect_forward_secrecy to sshd_use_strong_ciphers as... 
X-Git-Url: https://gitweb.fluxo.info/?a=commitdiff_plain;h=9ac4697eb546304ebc20d85aeeb93a73ca0fed5c;p=puppet-sshd.git

Changing parameter name sshd_perfect_forward_secrecy to sshd_use_strong_ciphers as sshd already does PFS
---

diff --git a/manifests/init.pp b/manifests/init.pp
index b4e4788..bfefaab 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -95,8 +95,8 @@ class sshd {
   case $sshd_shared_ip {
     '': { $sshd_shared_ip = "no" }
   }
-  case $sshd_perfect_forward_secrecy {
-    '': { $sshd_perfect_forward_secrecy = "no" }
+  case $sshd_use_strong_ciphers {
+    '': { $sshd_use_strong_ciphers = "no" }
   }
 
   include sshd::client 
diff --git a/templates/sshd_config/Debian_lenny.erb b/templates/sshd_config/Debian_lenny.erb
index ea04fe6..e85eab3 100644
--- a/templates/sshd_config/Debian_lenny.erb
+++ b/templates/sshd_config/Debian_lenny.erb
@@ -189,7 +189,7 @@ PrintMotd no
 <%= sshd_tail_additional_options %>
 <%- end %>
 
-<%- if sshd_perfect_forward_secrecy.to_s == 'yes' then -%>
+<%- if sshd_use_strong_ciphers.to_s == 'yes' then -%>
 Ciphers aes256-ctr
 MACs hmac-sha1
 <%- end %>
diff --git a/templates/sshd_config/Debian_squeeze.erb b/templates/sshd_config/Debian_squeeze.erb
index 09f4351..38f8657 100644
--- a/templates/sshd_config/Debian_squeeze.erb
+++ b/templates/sshd_config/Debian_squeeze.erb
@@ -203,7 +203,7 @@ AllowGroups <%= sshd_allowed_groups %>
 <%= sshd_tail_additional_options %>
 <%- end %>
 
-<%- if sshd_perfect_forward_secrecy.to_s == 'yes' then -%>
+<%- if sshd_use_strong_ciphers.to_s == 'yes' then -%>
 Ciphers aes256-ctr
 MACs hmac-sha1
 <%- end %>