Salt/openssh-formula
0
0
Fork 0
mirror of https://github.com/saltstack-formulas/openssh-formula.git synced 2025-04-20 00:22:07 +02:00
Code Issues Activity

Merge 5f60a60e738eaf6208a35df81fbc9e5cbf1d1e29 into c71f2ae4fa1f01ca59d1a54d2a5259d9c2405b1e

Browse Source
This commit is contained in:
James Shewey 2017-07-12 16:51:50 +00:00 committed by GitHub
commit 76c8e98d93
2 changed files with 11 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
openssh/files/sshd_config
View File

@ -128,8 +128,14 @@
{{ option_default_uncommented('RSAAuthentication', 'yes') }}
{{ option_default_uncommented('PubkeyAuthentication', 'yes') }}
{{ option('AuthorizedKeysFile', '%h/.ssh/authorized_keys') }}
{{ option('AuthorizedKeysCommand', 'none') }}
{{ option('AuthorizedKeysCommandUser', 'nobody') }}
{%- if server.authorized_keys_command is defined %}
AuthorizedKeysCommand {{ server.authorized_keys_command.command }}
{% if grains['os_family'] == 'RedHat' %}
{% if grains['osmajorrelease'] != '6' %}
AuthorizedKeysCommandUser {{ server.authorized_keys_command.get('user', 'nobody') }}
{%- endif %}
{%- endif %}
{%- endif %}
# Don't read the user's ~/.rhosts and ~/.shosts files
{{ option_default_uncommented('IgnoreRhosts', 'yes') }}

5
pillar.example
View File

@ -26,8 +26,9 @@ sshd_config:
MaxSessions: 10
RSAAuthentication: 'yes'
PubkeyAuthentication: 'yes'
AuthorizedKeysCommand: '/usr/bin/sss_ssh_authorizedkeys'
AuthorizedKeysCommandUser: 'nobody'
AuthorizedKeysCommand:
- Command: '/usr/bin/sss_ssh_authorizedkeys'
- User: 'nobody'
IgnoreRhosts: 'yes'
RhostsRSAAuthentication: 'no'
HostbasedAuthentication: 'no'