modules/ssh/templates/sshd_config.erb - Issue 29323173: Issue 2815 - Allow for SSH agent forwarding to be enabled via Hiera

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments.

Keyboard Shortcuts

	File
u :	up to issue
m :	publish + mail comments
M :	edit review message
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line
<Enter> :	respond to / edit current comment
d :	mark current comment as done

	Issue
u :	up to list of issues
m :	publish + mail comments
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue
# :	close issue

	Comment/message editing
<Ctrl> + s or <Ctrl> + Enter :	save comment
<Esc> :	cancel edit

Side by Side Diff: modules/ssh/templates/sshd_config.erb

Issue 29323173: Issue 2815 - Allow for SSH agent forwarding to be enabled via Hiera (Closed)

Patch Set: Created Aug. 3, 2015, 10:10 a.m.

Left:
Right:

Use n/p to move between diff chunks; N/P to move between comments.

Jump to:

View unified diff | Download patch

OLD	NEW
1 # Package generated configuration file	1 # Package generated configuration file

2 # See the sshd_config(5) manpage for details	2 # See the sshd_config(5) manpage for details

3	3

4 # What ports, IPs and protocols we listen for	4 # What ports, IPs and protocols we listen for

5 Port 22	5 Port 22

6 # Use these options to restrict which interfaces/protocols sshd will bind to	6 # Use these options to restrict which interfaces/protocols sshd will bind to

7 #ListenAddress ::	7 #ListenAddress ::

8 #ListenAddress 0.0.0.0	8 #ListenAddress 0.0.0.0

9 Protocol 2	9 Protocol 2

10 # HostKeys for protocol version 2	10 # HostKeys for protocol version 2

(...skipping 42 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
53 # Kerberos options	53 # Kerberos options

54 #KerberosAuthentication no	54 #KerberosAuthentication no

55 #KerberosGetAFSToken no	55 #KerberosGetAFSToken no

56 #KerberosOrLocalPasswd yes	56 #KerberosOrLocalPasswd yes

57 #KerberosTicketCleanup yes	57 #KerberosTicketCleanup yes

58	58

59 # GSSAPI options	59 # GSSAPI options

60 #GSSAPIAuthentication no	60 #GSSAPIAuthentication no

61 #GSSAPICleanupCredentials yes	61 #GSSAPICleanupCredentials yes

62	62

	63 <% if @agent_forwarding and [true, 'true', 'yes'].include? @agent_forwarding -%>

	64 AllowAgentForwarding yes

	65 <% else -%>

63 AllowAgentForwarding no	66 AllowAgentForwarding no

	67 <% end -%>

64 AllowTcpForwarding no	68 AllowTcpForwarding no

65 X11Forwarding no	69 X11Forwarding no

66 X11DisplayOffset 10	70 X11DisplayOffset 10

67 PrintMotd no	71 PrintMotd no

68 PrintLastLog yes	72 PrintLastLog yes

69 TCPKeepAlive yes	73 TCPKeepAlive yes

70 PermitUserEnvironment yes	74 PermitUserEnvironment yes

71 #UseLogin no	75 #UseLogin no

72	76

73 #MaxStartups 10:30:60	77 #MaxStartups 10:30:60

74 #Banner /etc/issue.net	78 #Banner /etc/issue.net

75	79

76 # Allow client to pass locale environment variables	80 # Allow client to pass locale environment variables

77 AcceptEnv LANG LC_*	81 AcceptEnv LANG LC_*

78	82

79 Subsystem sftp /usr/lib/openssh/sftp-server	83 Subsystem sftp /usr/lib/openssh/sftp-server

80	84

81 # Set this to 'yes' to enable PAM authentication, account processing,	85 # Set this to 'yes' to enable PAM authentication, account processing,

82 # and session processing. If this is enabled, PAM authentication will	86 # and session processing. If this is enabled, PAM authentication will

83 # be allowed through the ChallengeResponseAuthentication and	87 # be allowed through the ChallengeResponseAuthentication and

84 # PasswordAuthentication. Depending on your PAM configuration,	88 # PasswordAuthentication. Depending on your PAM configuration,

85 # PAM authentication via ChallengeResponseAuthentication may bypass	89 # PAM authentication via ChallengeResponseAuthentication may bypass

86 # the setting of "PermitRootLogin without-password".	90 # the setting of "PermitRootLogin without-password".

87 # If you just want the PAM account and session checks to run without	91 # If you just want the PAM account and session checks to run without

88 # PAM authentication, then enable this but set PasswordAuthentication	92 # PAM authentication, then enable this but set PasswordAuthentication

89 # and ChallengeResponseAuthentication to 'no'.	93 # and ChallengeResponseAuthentication to 'no'.

90 UsePAM yes	94 UsePAM yes

91	95

OLD	NEW

« no previous file with comments | « modules/ssh/manifests/init.pp ('k') | no next file » | no next file with comments »