summaryrefslogtreecommitdiff
path: root/templates/sshd_config/OpenBSD.erb
diff options
context:
space:
mode:
Diffstat (limited to 'templates/sshd_config/OpenBSD.erb')
-rw-r--r--templates/sshd_config/OpenBSD.erb20
1 files changed, 14 insertions, 6 deletions
diff --git a/templates/sshd_config/OpenBSD.erb b/templates/sshd_config/OpenBSD.erb
index a6e0763..69e8afa 100644
--- a/templates/sshd_config/OpenBSD.erb
+++ b/templates/sshd_config/OpenBSD.erb
@@ -8,12 +8,20 @@
# possible, but leave them commented. Uncommented options change a
# default value.
-<%- unless sshd_port.to_s.empty? then %>
-Port <%= sshd_port %>
-<%- else %>
-Port 22
+<%- unless sshd_head_additional_options.to_s.empty? then %>
+<%= sshd_head_additional_options %>
<%- end %>
+<%- unless sshd_port.to_s.empty? then -%>
+<%- if sshd_port.to_s == 'off' then -%>
+#Port -- disabled by puppet
+<% else -%>
+Port <%= sshd_port -%>
+<% end -%>
+<%- else -%>
+Port 22
+<%- end -%>
+
# Use these options to restrict which interfaces/protocols sshd will bind to
<% for address in sshd_listen_address -%>
ListenAddress <%= address %>
@@ -178,6 +186,6 @@ AllowGroups <%= sshd_allowed_groups %>
# AllowTcpForwarding no
# ForceCommand cvs server
-<%- unless sshd_additional_options.to_s.empty? then %>
-<%= sshd_additional_options %>
+<%- unless sshd_tail_additional_options.to_s.empty? then %>
+<%= sshd_tail_additional_options %>
<%- end %>
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-09 02:23:17 +0000