puppet_sshd.git - [puppet

Age	Commit message (Collapse)	Author
2015-05-22	disable the debian/ubuntu package version from being sent to clients	Matt Taggart

2015-05-07	Adjust variable lookup in templates to silence deprecation warnings, fixes #1	Jerome Charaoui

2015-05-04	Implement enhanced MAC (Message Authentication Codes) according to	Micah Anderson
	installed version of openssh and https://stribika.github.io/2015/01/04/secure-secure-shell.html
2015-05-04	Implement enhanced symmetric cipher selection, based on	Micah Anderson
	https://stribika.github.io/2015/01/04/secure-secure-shell.html and version of openssh installed
2015-05-04	Implement KexAlgorithms settings, based on Key exchange section of	Micah Anderson
	https://stribika.github.io/2015/01/04/secure-secure-shell.html Note, that on some systems it is uncertain if they will have a new enough version of openssh installed, so on those a version test is done to see before setting them.
2015-05-04	Change 'hardened_ssl' paramter to simply 'hardened', this makes more	Micah Anderson
	sense in general
2014-11-21	Add a $hostkey_type variable that allows you to set which hostkey	Micah Anderson
	types you want to support in your sshd_config. We use the ssh_version fact to determine the default hostkey types. Only enable rsa and ed25519 for ssh versions greater or equal to 6.5, otherwise enable rsa and dsa. Some distributions, such as debian, also enable ecdsa as a hostkey type, but this is a known bad NIST curve, so we do not enable that by default (thus deviating from the stock sshd config)
2014-09-17	Resynchronize Debian sid template with the configuration file currently ↵	intrigeri
	shipped by the package.
2012-06-18	correct variable naming	mh

2012-06-05	new style for 2.7	mh

2011-07-21	Adding PrintMotd parameter to all templates and setting per-distro default value	Silvio Rhatto

2011-06-21	New opt-in support to only use strong SSL ciphers and MACs.	intrigeri
	The new configuration variable is $sshd_hardened_ssl. Settings were stolen from https://github.com/ioerror/duraconf.git.
2011-02-21	remove HostbasedUsesNameFromPacketOnly yes from Debian sshd_config ↵	Micah Anderson
	templates. This is not set in the Debian templates by default, and the default is actually no, not yes. If someone wishes to make a configuration variable they can, otherwise head/tail_additional options can be used
2011-02-21	Resync Debian sid template with the Squeeze's one.	intrigeri
	Currently, the only difference is LoginGraceTime, that defaults to 600 in sid.
2011-01-30	Add sshd_config template for Debian sid	Gabriel Filion
	Debian's unstable branch currently has no template for sshd_config, and thus cannot use the sshd class. Add a template for Debian sid. Signed-off-by: Gabriel Filion <lelutin@gmail.com>