Age | Commit message (Collapse) | Author | |
---|---|---|---|
2015-11-09 | [feat] Optinally disable exported resources | varac | |
If run masterless, we cannot export resources, so we move them to an own class. Including it can be disabled by passing "use_storedconfig" to the sshd class. | |||
2015-06-18 | disable autossh control port | Antoine Beaupré | |
this is important to make it easier to guess the ssh port from the central server. we rely on ServerAliveInterval instead to reconnect when we lose the server. this was unintentionally removed in november 2012 in the isuma-autossh package, saying it was "not supported everywhere" and due to some confusion about the defaults (defaults are to *enable* the port). see commit ec0ebdd9533a29ee4f62f9fbb84ee9e80219ef84 in there. | |||
2015-06-18 | make autossh fork properly | Antoine Beaupré | |
2015-06-18 | allow customizing user | Antoine Beaupré | |
2015-06-18 | rewrite autossh startup script with dh_make template | Antoine Beaupré | |
2015-06-18 | remove traces of isuma vendor | Antoine Beaupré | |
2015-06-18 | import from autossh package | Antoine Beaupré | |
2015-05-21 | Add newline to ssh_authorized_key file content | Jerome Charaoui | |
2015-05-21 | Simplify ssh_authorized_key | Jerome Charaoui | |
2015-05-21 | Revert "Simplify ssh_authorized_key" | Jerome Charaoui | |
puppet-lint complains about "selector inside resource" This reverts commit f3c0115743cab9d4e6c08b654b67631566572d41. | |||
2015-05-21 | Simplify ssh_authorized_key | Jerome Charaoui | |
2015-05-21 | Add header to ssh_authorized_key when override_builting = 1 | Jerome Charaoui | |
2015-05-21 | Fix invalid single quotes around variables | Jerome Charaoui | |
2015-05-20 | add override_builtin parameter to handle the common authorized_key directory ↵ | Matt Taggart | |
case | |||
2015-05-04 | Change 'hardened_ssl' paramter to simply 'hardened', this makes more | Micah Anderson | |
sense in general | |||
2015-04-17 | Merge branch 'hostkey_type' into 'master' | Antoine Beaupré | |
Hostkey type This is the pull request associated with: https://labs.riseup.net/code/issues/8285 See merge request !6 | |||
2015-01-15 | Debian squeeze and wheezy do not support the operatingsystemmajrelease fact ↵ | Jerome Charaoui | |
(they ship facter 1.6.x) | |||
2014-11-21 | Add a $hostkey_type variable that allows you to set which hostkey | Micah Anderson | |
types you want to support in your sshd_config. We use the ssh_version fact to determine the default hostkey types. Only enable rsa and ed25519 for ssh versions greater or equal to 6.5, otherwise enable rsa and dsa. Some distributions, such as debian, also enable ecdsa as a hostkey type, but this is a known bad NIST curve, so we do not enable that by default (thus deviating from the stock sshd config) | |||
2014-08-15 | move to os release number on centos for selection | mh | |
2014-06-10 | Openbsd also does not yet have it | mh | |
2014-06-10 | EL 6 also does not have this option yet | mh | |
2014-06-10 | lintig a document | mh | |
2014-06-10 | not all versions support the new default | mh | |
2014-06-10 | Merge remote-tracking branch 'shared/master' | mh | |
Conflicts: manifests/init.pp | |||
2014-05-27 | update $authorized_keys_file variable default to be the default is | Micah Anderson | |
documented by sshd_config(5) | |||
2014-05-27 | add the ability to override the automatic inclusion of the sshd_client | Micah Anderson | |
2014-03-14 | linting | mh | |
2014-03-14 | remove unnecessary param | mh | |
2014-02-21 | renamed ipaddress_fact to sshkey_ipaddres | Tomas Barton | |
2014-02-14 | too tired to type | Tomas Barton | |
2014-02-14 | fixed variable name | Tomas Barton | |
2014-02-14 | custom ip address fact | Tomas Barton | |
2014-01-27 | validate parameters | Tomas Barton | |
2014-01-27 | removed lsb-release package | Tomas Barton | |
2014-01-27 | removed special no-restart status for etch | Tomas Barton | |
2014-01-26 | client spec | Tomas Barton | |
2014-01-26 | basic init class specs | Tomas Barton | |
2014-01-26 | replaces shared-lsb by puppetlabs/stdlib | Tomas Barton | |
2013-05-29 | rather match the correct service than the parent pid | mh | |
the last approach only matched if someone was logged in with ssh. :/ | |||
2013-05-29 | Nagios disabled by default | Yoann Laissus | |
2013-05-20 | on newer puppet version the openbsd service provider changed slightly making ↵ | mh | |
this necessary | |||
2013-02-03 | style fixes | Michael Moll | |
silence puppet-lint | |||
2012-06-13 | migrate away from hiera stuff | mh | |
2012-06-05 | new style for 2.7 | mh | |
2011-07-29 | Merge remote-tracking branch 'shared/master' | mh | |
2011-07-21 | Adding PrintMotd parameter to all templates and setting per-distro default value | Silvio Rhatto | |
2011-07-17 | Provide a default value for $sshd_shared_ip in sshd::client | Gabriel Filion | |
Since it's possible to "include sshd::client" without using "include sshd" (e.g. installing/managing ssh client but not the server) provide a default value for $sshd_shared_ip also in the sshd::client class. Signed-off-by: Gabriel Filion <lelutin@gmail.com> | |||
2011-07-16 | Clean out $ssh_use_strong_ciphers | Gabriel Filion | |
A tentative option from rhatto using the variable named $ssh_use_strong_ciphers still has two lines in init.pp Since the same functionality is provided by the variable $ssh_hardened_ssl that was merged in the shared repository, rhatto removed his feature. But there are still two lines left, so simply remove them. Signed-off-by: Gabriel Filion <lelutin@gmail.com> | |||
2011-07-13 | Merge branch 'master' of git://labs.riseup.net/shared-sshd | Silvio Rhatto | |
2011-06-21 | Merge remote-tracking branch 'lelutin/freebsd' | Micah Anderson | |