| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2011-06-21 | New opt-in support to only use strong SSL ciphers and MACs. | intrigeri | |
| The new configuration variable is $sshd_hardened_ssl. Settings were stolen from https://github.com/ioerror/duraconf.git. | |||
| 2011-04-03 | we should pass the architecture to devel packages | mh | |
| 2011-02-23 | Changing parameter name sshd_perfect_forward_secrecy to ↵ | Silvio Rhatto | |
| sshd_use_strong_ciphers as sshd already does PFS | |||
| 2011-02-22 | Merge remote-tracking branch 'lelutin/ubuntu' | Micah Anderson | |
| 2011-02-19 | Merge branch 'master' of git://labs.riseup.net/shared-sshd | Silvio Rhatto | |
| Conflicts: templates/sshd_config/Debian_squeeze.erb | |||
| 2011-02-19 | Pull together a more comprehensive README, moving the configurable variables ↵ | Micah Anderson | |
| from init.pp into the README, and detailing the other features, and requirements, of the module | |||
| 2011-02-14 | Merge remote branch 'shared/master' | intrigeri | |
| Conflicts: templates/sshd_config/Debian_squeeze.erb I always picked the shared repository version when conflicts arose. The only exception to this rule was: I kept my branch's "HostbasedUsesNameFromPacketOnly yes" in order to be consistent with existing Etch and Lenny templates. This is not the default Debian setting, but I would find it weird if a host had this setting changed by Puppet after upgrading to Squeeze. The right way to proceed would probably be to make this configurable. | |||
| 2011-02-13 | Merge branch 'master' of git://labs.riseup.net/shared-sshd | Silvio Rhatto | |
| 2011-01-30 | Enable support for Ubuntu | Gabriel Filion | |
| The sshd class currently has a mechanism to make resources for Ubuntu similar to the ones for Debian, but the sshd::client class doesn't. Also, There are no templates for sshd_config on Ubuntu so provide for them. Since Ubuntu releases almost all use ssh versions that are as recent as the Debian squeeze one, and the default sshd_config file is usually the same as on Debian, add a default (Ubuntu.erb) template so that it fits all Ubuntu releases. Signed-off-by: Gabriel Filion <lelutin@gmail.com> | |||
| 2011-01-30 | ssh_authorized_key: use $name for user by default | Gabriel Filion | |
| Currently ssh_authorized_key has some logic about $user being false or '', but it sets its value to default to 'root'. So, in order to use the name as the user's name, one has to clear the user parameter, which is totally redundant. Since it is sometimes useful to publish multiple keys for a user, the $user parameter is useful. To make using ssh_authorized_key for one-key normal users simpler, make $user default to being empty (which will use $name as the user name). 'root' can always be specified either via the name or by the $user paramter. Signed-off-by: Gabriel Filion <lelutin@gmail.com> | |||
| 2011-01-30 | Fix ssh_authorized_key | Gabriel Filion | |
| When one uses the $name to define the user that should receive an SSH key, setting $user to a negative value, ssh_authorized_key currently creates the authorized_keys file under /home/.ssh/authorized_keys Fix this by changing ${user} to ${real_user} in the key's path. Signed-off-by: Gabriel Filion <lelutin@gmail.com> | |||
| 2011-01-30 | Fix inclusion for default os | Gabriel Filion | |
| When the os of a client is not one of those that use a specialized class, (e.g. FreeBSD) the inclusion is currently broken: it tries to include sshd::default which does not exist. Change this to include sshd::base instead. Signed-off-by: Gabriel Filion <lelutin@gmail.com> | |||
| 2010-12-16 | Introducing perfect forward secrecy for SSH | Silvio Rhatto | |
| 2010-12-15 | remote KerberosGetAFSToken, its actually not a functional configuration ↵ | Micah Anderson | |
| option, even though it is listed in the man page, and commented out in the default config file. I filed a bug with debian (#607238) | |||
| 2010-12-14 | add Debian Squeeze sshd template. Enabled kerberos and gssapi options, using ↵ | Micah Anderson | |
| the defaults when not specified | |||
| 2010-10-21 | use realport | mh | |
| 2010-10-20 | use parametrized class to pass ssh_ports to open up things | mh | |
| 2010-10-20 | introduce that port also can't be the name, fix ensure problem | mh | |
| 2010-10-20 | extend sshd::nagios with ensure param | mh | |
| 2010-10-20 | add nagios_check_ssh_hostname to tweak the hostname which whould be ↵ | mh | |
| monitored, as this one might actually differ | |||
| 2010-10-20 | move define to own class | mh | |
| 2010-10-18 | Bugfix | intrigeri | |
| 2010-10-16 | bugfix | intrigeri | |
| 2010-10-16 | bugfix | intrigeri | |
| 2010-10-16 | New option sshd_ports that obsoletes sshd_port. | intrigeri | |
| Backward compatibility is preserved. | |||
| 2010-10-13 | sshd service has status and restart commands in post-etch Debian releases. | intrigeri | |
| 2010-10-04 | Simplify by using the config_file definition. | intrigeri | |
| 2010-06-03 | Using sshd::client::debian for ubuntu | Silvio Rhatto | |
| 2010-02-25 | Merge branch 'master' of git://labs.riseup.net/module_sshd | Silvio Rhatto | |
| 2010-02-21 | update nagios check_command to check ssh port. it was using ssh_port, it ↵ | Micah Anderson | |
| should be 'check_ssh_port' | |||
| 2010-01-30 | Renaming $sshd_internal_ip to $sshd_shared_ip | Silvio Rhatto | |
| 2009-12-28 | Merge branch 'master' of git://labs.riseup.net/module_sshd | Silvio Rhatto | |
| 2009-12-27 | Merge remote branch 'lavamind/master' | Micah Anderson | |
| 2009-12-27 | Reverting last change | Silvio Rhatto | |
| 2009-12-27 | Always including sshd::client::base | Silvio Rhatto | |
| 2009-12-27 | Using fqdn instead of hostname.domain | Silvio Rhatto | |
| 2009-12-27 | Using sshrsakey instead of sshrsakey_key | Silvio Rhatto | |
| 2009-12-27 | Introducing sshd_internal_ip variable | Silvio Rhatto | |
| 2009-12-27 | PrintMotd using default OpenSSH setting | Silvio Rhatto | |
| 2009-12-21 | update comments to include information about how to use the nagios | Micah Anderson | |
| checks and the pre-requirements | |||
| 2009-12-19 | fix the comments section so that the include isn't misleading. if you | Micah Anderson | |
| use 'include sshd::debian', then none of the variables are set, and you will fail to parse the templates | |||
| 2009-12-18 | remove fqdn from nagios service description (hostname is used in the ↵ | Jerome Charaoui | |
| internal nagios_service name) | |||
| 2009-12-18 | make key removal a bit easier | mh | |
| 2009-12-18 | enable that ssh auth-keys can be removed | mh | |
| 2009-12-11 | false != 'false' | mh | |
| 2009-12-10 | require class instead of requiring packages | mh | |
| 2009-12-10 | re-add shorewall in rule :/ | mh | |
| 2009-12-10 | undef or '' as default | mh | |
| 2009-12-10 | merged with riseup module, various cleaning up | mh | |
| 2009-12-07 | switch to new lsb way | mh | |
 |
index : puppet_sshd.git | |
| [puppet_sshd] | git repository hosting |
| summaryrefslogtreecommitdiff |