modules/ssh/templates/sshd_config.erb - Issue 29323885: Issue 2920 - Allow for SSH TCP forwarding to be enabled via Hiera

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments.

Keyboard Shortcuts

	File
u :	up to issue
m :	publish + mail comments
M :	edit review message
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line
<Enter> :	respond to / edit current comment
d :	mark current comment as done

	Issue
u :	up to list of issues
m :	publish + mail comments
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue
# :	close issue

	Comment/message editing
<Ctrl> + s or <Ctrl> + Enter :	save comment
<Esc> :	cancel edit

Side by Side Diff: modules/ssh/templates/sshd_config.erb

Issue 29323885: Issue 2920 - Allow for SSH TCP forwarding to be enabled via Hiera (Closed)

Patch Set: Created Aug. 17, 2015, 9:02 p.m.

Left:
Right:

Use n/p to move between diff chunks; N/P to move between comments.

Jump to:

View unified diff | Download patch

OLD	NEW
1 # Package generated configuration file	1 # Package generated configuration file

2 # See the sshd_config(5) manpage for details	2 # See the sshd_config(5) manpage for details

3	3

4 # What ports, IPs and protocols we listen for	4 # What ports, IPs and protocols we listen for

5 Port 22	5 Port 22

6 # Use these options to restrict which interfaces/protocols sshd will bind to	6 # Use these options to restrict which interfaces/protocols sshd will bind to

7 #ListenAddress ::	7 #ListenAddress ::

8 #ListenAddress 0.0.0.0	8 #ListenAddress 0.0.0.0

9 Protocol 2	9 Protocol 2

10 # HostKeys for protocol version 2	10 # HostKeys for protocol version 2

(...skipping 47 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
58	58

59 # GSSAPI options	59 # GSSAPI options

60 #GSSAPIAuthentication no	60 #GSSAPIAuthentication no

61 #GSSAPICleanupCredentials yes	61 #GSSAPICleanupCredentials yes

62	62

63 <% if @agent_forwarding and [true, 'true', 'yes'].include? @agent_forwarding -%>	63 <% if @agent_forwarding and [true, 'true', 'yes'].include? @agent_forwarding -%>

64 AllowAgentForwarding yes	64 AllowAgentForwarding yes

65 <% else -%>	65 <% else -%>

66 AllowAgentForwarding no	66 AllowAgentForwarding no

67 <% end -%>	67 <% end -%>

	68

	69 <% if @tcp_forwarding and [true, 'true', 'yes'].include? @tcp_forwarding -%>

	70 AllowTcpForwarding yes

	71 <% else -%>

68 AllowTcpForwarding no	72 AllowTcpForwarding no

	73 <% end -%>

	74

69 X11Forwarding no	75 X11Forwarding no

70 X11DisplayOffset 10	76 X11DisplayOffset 10

71 PrintMotd no	77 PrintMotd no

72 PrintLastLog yes	78 PrintLastLog yes

73 TCPKeepAlive yes	79 TCPKeepAlive yes

74 PermitUserEnvironment yes	80 PermitUserEnvironment yes

75 #UseLogin no	81 #UseLogin no

76	82

77 #MaxStartups 10:30:60	83 #MaxStartups 10:30:60

78 #Banner /etc/issue.net	84 #Banner /etc/issue.net

79	85

80 # Allow client to pass locale environment variables	86 # Allow client to pass locale environment variables

81 AcceptEnv LANG LC_*	87 AcceptEnv LANG LC_*

82	88

83 Subsystem sftp /usr/lib/openssh/sftp-server	89 Subsystem sftp /usr/lib/openssh/sftp-server

84	90

85 # Set this to 'yes' to enable PAM authentication, account processing,	91 # Set this to 'yes' to enable PAM authentication, account processing,

86 # and session processing. If this is enabled, PAM authentication will	92 # and session processing. If this is enabled, PAM authentication will

87 # be allowed through the ChallengeResponseAuthentication and	93 # be allowed through the ChallengeResponseAuthentication and

88 # PasswordAuthentication. Depending on your PAM configuration,	94 # PasswordAuthentication. Depending on your PAM configuration,

89 # PAM authentication via ChallengeResponseAuthentication may bypass	95 # PAM authentication via ChallengeResponseAuthentication may bypass

90 # the setting of "PermitRootLogin without-password".	96 # the setting of "PermitRootLogin without-password".

91 # If you just want the PAM account and session checks to run without	97 # If you just want the PAM account and session checks to run without

92 # PAM authentication, then enable this but set PasswordAuthentication	98 # PAM authentication, then enable this but set PasswordAuthentication

93 # and ChallengeResponseAuthentication to 'no'.	99 # and ChallengeResponseAuthentication to 'no'.

94 UsePAM yes	100 UsePAM yes

95	101

OLD	NEW

« no previous file with comments | « modules/ssh/manifests/init.pp ('k') | no next file » | no next file with comments »