authorMicah Anderson <micah@leap.se>2015-09-11 08:34:57 -0400
committerMicah Anderson <micah@leap.se>2015-09-11 08:34:57 -0400
commitc0c06c6be819126cec6adb359a7e52c95f51defe (patch)
treea24e98248ba506dcfd883533c2e301030b080ec2
parent84e6ad1978f8952e28d8935c01b4344c0d62ddbd (diff)
parent818930af8a05dc44372b99f8e589527050120431 (diff)
Merge remote-tracking branch 'elijah/feature/sshconfig' into develop
-rw-r--r--provider_base/common.json3
-rw-r--r--puppet/modules/site_sshd/manifests/init.pp18
2 files changed, 13 insertions, 8 deletions
diff --git a/provider_base/common.json b/provider_base/common.json
index 3d2965d7..e968dd27 100644
--- a/provider_base/common.json
+++ b/provider_base/common.json
@@ -16,6 +16,9 @@
},
"ssh": {
"authorized_keys": "= authorized_keys",
+ "config": {
+ "AllowTcpForwarding": "no"
+ },
"port": 22,
"mosh": {
"ports": "60000:61000",
diff --git a/puppet/modules/site_sshd/manifests/init.pp b/puppet/modules/site_sshd/manifests/init.pp
index 1da2f1d5..170be32c 100644
--- a/puppet/modules/site_sshd/manifests/init.pp
+++ b/puppet/modules/site_sshd/manifests/init.pp
@@ -1,6 +1,7 @@
class site_sshd {
- $ssh = hiera_hash('ssh')
- $hosts = hiera('hosts', '')
+ $ssh = hiera_hash('ssh')
+ $ssh_config = $ssh['config']
+ $hosts = hiera('hosts', '')
##
## SETUP AUTHORIZED KEYS
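Review bot: `$ssh_config = $ssh['config']` assumes every node's hiera data already carries an `ssh.config` hash, but that default only arrives with the common.json change in this same commit. Node data generated before it, or a provider override that replaces the `ssh` block, would leave `$ssh_config` undefined. The `$ssh_config['AllowTcpForwarding']` lookup in the `::sshd` hunk then either fails catalog compilation or hands an empty value to `tcp_forwarding`, in which case the effective setting depends on the sshd module's own default, which is not visible here. Because this is a hardening control it should fail closed: resolve the value once with an explicit fallback to `'no'`, and record that with a comment such as `# AllowTcpForwarding falls back to 'no' when ssh.config is absent`. The class body continues outside this hunk.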
@@ -52,11 +53,12 @@ class site_sshd {
## SSHD SERVER CONFIGURATION
##
class { '::sshd':
- manage_nagios => false,
- ports => [ $ssh['port'] ],
- use_pam => 'yes',
- hardened_ssl => 'yes',
- print_motd => 'no',
- manage_client => false
+ manage_nagios => false,
+ ports => [ $ssh['port'] ],
+ use_pam => 'yes',
+ hardened_ssl => 'yes',
+ print_motd => 'no',
+ tcp_forwarding => $ssh_config['AllowTcpForwarding'],
+ manage_client => false
}
}
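Review bot: `tcp_forwarding => $ssh_config['AllowTcpForwarding']` passes a provider-supplied string to the sshd class without checking it. sshd accepts only `yes`, `all`, `no`, `local` or `remote` for AllowTcpForwarding, so if the module writes the value into sshd_config unchanged (not visible here), a typo in provider JSON could yield a config sshd refuses to load and lock operators out of the node. If puppetlabs-stdlib is available in this tree, a guard before the class declaration such as `validate_re($ssh_config['AllowTcpForwarding'], '^(yes|all|no|local|remote)$')` would turn that into a compile-time error. The name `config` also suggests a general sshd_config passthrough, while only this one key is read, so a comment like `# only AllowTcpForwarding is honoured from ssh.config; other keys are ignored` would keep a provider from assuming other hardening options took effect.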