Puppet Class: ssh::server

Inherits:
ssh::params
Defined in:
manifests/server.pp

Overview

Parameters:

  • port (Any) (defaults to: '22')
  • allowed_users (Any) (defaults to: [])
  • allowed_groups (Any) (defaults to: [])
  • password_authentication_groups (Any) (defaults to: [])
  • password_authentication_users (Any) (defaults to: [])
  • x11_forwarding (Any) (defaults to: 'no')
  • use_dns (Any) (defaults to: 'yes')
  • password_authentication (Any) (defaults to: 'no')
  • pubkey_authentication (Any) (defaults to: 'yes')
  • subsystem_sftp (Any) (defaults to: '/usr/lib/openssh/sftp-server')
  • use_pam (Any) (defaults to: 'yes')
  • permit_root_login (Any) (defaults to: 'no')
  • print_motd (Any) (defaults to: $ssh::params::print_motd)
  • host_keys (Any) (defaults to: $ssh::params::host_keys)
  • manage_service (Any) (defaults to: true)
  • banner (Any) (defaults to: '/etc/issue.net')
  • ciphers (Any) (defaults to: [])
  • macs (Any) (defaults to: [])
  • client_alive_interval (Any) (defaults to: undef)
  • client_alive_count_max (Any) (defaults to: undef)
  • template (Any) (defaults to: 'ssh/sshd_config.erb')
  • accept_env (Any) (defaults to: 'LANG LC_*') 


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
 
# File 'manifests/server.pp', line 1

class ssh::server (
  $port='22',
  $allowed_users=[],
  $allowed_groups=[],
  $password_authentication_groups=[],
  $password_authentication_users=[],
  $x11_forwarding='no',
  $use_dns='yes',
  $password_authentication='no',
  $pubkey_authentication='yes',
  $subsystem_sftp='/usr/lib/openssh/sftp-server',
  $use_pam='yes',
  $permit_root_login='no',
  $print_motd = $ssh::params::print_motd,
  $host_keys=$ssh::params::host_keys,
  $manage_service=true,
  $banner='/etc/issue.net',
  $ciphers=[],
  $macs=[],
  $client_alive_interval=undef,
  $client_alive_count_max=undef,
  $template='ssh/sshd_config.erb',
  $accept_env='LANG LC_*'
) inherits ssh::params {
  package { 'openssh-server':
    ensure => present,
  }

  file { '/etc/ssh/sshd_config':
    content => template($template),
    require => Package['openssh-server'],
    owner   => root,
    group   => root,
    mode    => '0644'
  }

  if $manage_service {
    service { 'ssh':
      ensure    => running,
      name      => $ssh::params::service_name,
      enable    => true,
      hasstatus => true,
      subscribe => [Package['openssh-server'], File['/etc/ssh/sshd_config']],
      require   => File['/etc/ssh/sshd_config'],
    }
  }

  if $permit_root_login == 'yes' {
    notify { 'You permit root login: use it with caution.': }
  }

}