From 0615dc635c19ea4080d071a9297cd8eb32b47122 Mon Sep 17 00:00:00 2001 From: intrigeri Date: Sun, 3 Oct 2010 19:56:04 +0200 Subject: Actually allow enabling ChallengeResponseAuthentication on Debian Lenny. --- templates/sshd_config/Debian_lenny.erb | 2 -- 1 file changed, 2 deletions(-) (limited to 'templates/sshd_config/Debian_lenny.erb') diff --git a/templates/sshd_config/Debian_lenny.erb b/templates/sshd_config/Debian_lenny.erb index 18f3e4d..3c3d562 100644 --- a/templates/sshd_config/Debian_lenny.erb +++ b/templates/sshd_config/Debian_lenny.erb @@ -173,8 +173,6 @@ AllowAgentForwarding yes AllowAgentForwarding no <%- end -%> -ChallengeResponseAuthentication no - <%- unless sshd_allowed_users.to_s.empty? then -%> AllowUsers <%= sshd_allowed_users -%> <%- end -%> -- cgit v1.2.3 From 23efb583bf565f12361e929f1a2d1fca61f4d3bb Mon Sep 17 00:00:00 2001 From: intrigeri Date: Sat, 16 Oct 2010 16:01:24 +0200 Subject: Cleanup templates: sshd_port is guaranteed by init.pp not to be empty. --- templates/sshd_config/Debian_lenny.erb | 4 ---- 1 file changed, 4 deletions(-) (limited to 'templates/sshd_config/Debian_lenny.erb') diff --git a/templates/sshd_config/Debian_lenny.erb b/templates/sshd_config/Debian_lenny.erb index 3c3d562..4bb9c87 100644 --- a/templates/sshd_config/Debian_lenny.erb +++ b/templates/sshd_config/Debian_lenny.erb @@ -6,15 +6,11 @@ <%- end %> # What ports, IPs and protocols we listen for -<%- unless sshd_port.to_s.empty? then -%> <%- if sshd_port.to_s == 'off' then -%> #Port -- disabled by puppet <% else -%> Port <%= sshd_port -%> <% end -%> -<%- else -%> -Port 22 -<%- end -%> # Use these options to restrict which interfaces/protocols sshd will bind to <% for address in sshd_listen_address -%> -- cgit v1.2.3 From a643172a794c9a1ff7602e9b4d3b220867684f54 Mon Sep 17 00:00:00 2001 From: intrigeri Date: Sat, 16 Oct 2010 16:05:00 +0200 Subject: New option sshd_ports that obsoletes sshd_port. Backward compatibility is preserved. --- templates/sshd_config/Debian_lenny.erb | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'templates/sshd_config/Debian_lenny.erb') diff --git a/templates/sshd_config/Debian_lenny.erb b/templates/sshd_config/Debian_lenny.erb index 4bb9c87..13264cc 100644 --- a/templates/sshd_config/Debian_lenny.erb +++ b/templates/sshd_config/Debian_lenny.erb @@ -6,11 +6,13 @@ <%- end %> # What ports, IPs and protocols we listen for -<%- if sshd_port.to_s == 'off' then -%> +<%- sshd_ports.each do |port| -%> +<%- if port.to_s == 'off' then -%> #Port -- disabled by puppet <% else -%> -Port <%= sshd_port -%> +Port <%= port -%> <% end -%> +<%- end -%> # Use these options to restrict which interfaces/protocols sshd will bind to <% for address in sshd_listen_address -%> -- cgit v1.2.3 From 8cb562f87cf5a74ffb62e1fad8e5f6d200f723ab Mon Sep 17 00:00:00 2001 From: intrigeri Date: Sat, 16 Oct 2010 22:32:25 +0200 Subject: Syntax fix. --- templates/sshd_config/Debian_lenny.erb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'templates/sshd_config/Debian_lenny.erb') diff --git a/templates/sshd_config/Debian_lenny.erb b/templates/sshd_config/Debian_lenny.erb index 13264cc..e0b1917 100644 --- a/templates/sshd_config/Debian_lenny.erb +++ b/templates/sshd_config/Debian_lenny.erb @@ -10,7 +10,7 @@ <%- if port.to_s == 'off' then -%> #Port -- disabled by puppet <% else -%> -Port <%= port -%> +Port <%= port %> <% end -%> <%- end -%> -- cgit v1.2.3 From 7e6d3af6f8b207133b3c71f9c714e19b68a4fc4e Mon Sep 17 00:00:00 2001 From: mh Date: Thu, 21 Oct 2010 15:31:31 +0200 Subject: lenny already has AcceptEnv by default --- templates/sshd_config/Debian_lenny.erb | 3 +++ 1 file changed, 3 insertions(+) (limited to 'templates/sshd_config/Debian_lenny.erb') diff --git a/templates/sshd_config/Debian_lenny.erb b/templates/sshd_config/Debian_lenny.erb index e0b1917..4648a22 100644 --- a/templates/sshd_config/Debian_lenny.erb +++ b/templates/sshd_config/Debian_lenny.erb @@ -136,6 +136,9 @@ KeepAlive yes #Banner /etc/issue.net #ReverseMappingCheck yes +# Allow client to pass locale environment variables +AcceptEnv LANG LC_* + <%- if sshd_sftp_subsystem.to_s.empty? then %> Subsystem sftp /usr/lib/openssh/sftp-server <%- else %> -- cgit v1.2.3