From 57d8883d485baa09a0841d629fe66406611ca261 Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Wed, 13 Jul 2011 18:41:59 -0300 Subject: Removing sshd_use_strong_ciphers parameter as sshd_hardened_ssl does the job --- templates/sshd_config/CentOS.erb | 5 ----- templates/sshd_config/Debian_etch.erb | 5 ----- templates/sshd_config/Debian_lenny.erb | 5 ----- templates/sshd_config/Debian_squeeze.erb | 5 ----- templates/sshd_config/Gentoo.erb | 5 ----- templates/sshd_config/OpenBSD.erb | 5 ----- templates/sshd_config/Ubuntu_lucid.erb | 2 +- 7 files changed, 1 insertion(+), 31 deletions(-) (limited to 'templates') diff --git a/templates/sshd_config/CentOS.erb b/templates/sshd_config/CentOS.erb index 2b4f2fe..859759a 100644 --- a/templates/sshd_config/CentOS.erb +++ b/templates/sshd_config/CentOS.erb @@ -212,8 +212,3 @@ MACs hmac-sha1 <%- unless sshd_tail_additional_options.to_s.empty? then %> <%= sshd_tail_additional_options %> <%- end %> - -<%- if sshd_use_strong_ciphers.to_s == 'yes' then -%> -Ciphers aes128-ctr -MACs hmac-sha1 -<%- end %> diff --git a/templates/sshd_config/Debian_etch.erb b/templates/sshd_config/Debian_etch.erb index 93fefc2..dbef8b8 100644 --- a/templates/sshd_config/Debian_etch.erb +++ b/templates/sshd_config/Debian_etch.erb @@ -182,8 +182,3 @@ MACs hmac-sha1 <%- unless sshd_tail_additional_options.to_s.empty? then %> <%= sshd_tail_additional_options %> <%- end %> - -<%- if sshd_use_strong_ciphers.to_s == 'yes' then -%> -Ciphers aes128-ctr -MACs hmac-sha1 -<%- end %> diff --git a/templates/sshd_config/Debian_lenny.erb b/templates/sshd_config/Debian_lenny.erb index 0c551e5..c168114 100644 --- a/templates/sshd_config/Debian_lenny.erb +++ b/templates/sshd_config/Debian_lenny.erb @@ -191,8 +191,3 @@ MACs hmac-sha1 <%- unless sshd_tail_additional_options.to_s.empty? then %> <%= sshd_tail_additional_options %> <%- end %> - -<%- if sshd_use_strong_ciphers.to_s == 'yes' then -%> -Ciphers aes128-ctr -MACs hmac-sha1 -<%- end %> diff --git a/templates/sshd_config/Debian_squeeze.erb b/templates/sshd_config/Debian_squeeze.erb index 1f92112..dfebcc3 100644 --- a/templates/sshd_config/Debian_squeeze.erb +++ b/templates/sshd_config/Debian_squeeze.erb @@ -205,8 +205,3 @@ MACs hmac-sha1 <%- unless sshd_tail_additional_options.to_s.empty? then %> <%= sshd_tail_additional_options %> <%- end %> - -<%- if sshd_use_strong_ciphers.to_s == 'yes' then -%> -Ciphers aes128-ctr -MACs hmac-sha1 -<%- end %> diff --git a/templates/sshd_config/Gentoo.erb b/templates/sshd_config/Gentoo.erb index 40a70e7..38674ce 100644 --- a/templates/sshd_config/Gentoo.erb +++ b/templates/sshd_config/Gentoo.erb @@ -216,8 +216,3 @@ MACs hmac-sha1 <%- unless sshd_tail_additional_options.to_s.empty? then %> <%= sshd_tail_additional_options %> <%- end %> - -<%- if sshd_use_strong_ciphers.to_s == 'yes' then -%> -Ciphers aes128-ctr -MACs hmac-sha1 -<%- end %> diff --git a/templates/sshd_config/OpenBSD.erb b/templates/sshd_config/OpenBSD.erb index be76df2..7a20cd9 100644 --- a/templates/sshd_config/OpenBSD.erb +++ b/templates/sshd_config/OpenBSD.erb @@ -192,8 +192,3 @@ MACs hmac-sha1 <%- unless sshd_tail_additional_options.to_s.empty? then %> <%= sshd_tail_additional_options %> <%- end %> - -<%- if sshd_use_strong_ciphers.to_s == 'yes' then -%> -Ciphers aes128-ctr -MACs hmac-sha1 -<%- end %> diff --git a/templates/sshd_config/Ubuntu_lucid.erb b/templates/sshd_config/Ubuntu_lucid.erb index 904a409..1c44c7b 100644 --- a/templates/sshd_config/Ubuntu_lucid.erb +++ b/templates/sshd_config/Ubuntu_lucid.erb @@ -188,7 +188,7 @@ PrintMotd no <%= sshd_tail_additional_options %> <%- end %> -<%- if sshd_use_strong_ciphers.to_s == 'yes' then -%> +<%- if sshd_hardened_ssl.to_s == 'yes' then -%> Ciphers aes128-ctr MACs hmac-sha1 <%- end %> -- cgit v1.2.3