Puppet Class: sys::ssh::config

Inherits:
sys::ssh::params
Defined in:
manifests/ssh/config.pp

Overview

Class: ssh::config

Creates the SSH daemon and client configuration files.

Parameters:

  • sshd_config (Any) (defaults to: $sys::ssh::params::sshd_config)
  • sshd_template (Any) (defaults to: 'sys/ssh/sshd_config.erb')
  • mode (Any) (defaults to: '0600') 


5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
 
# File 'manifests/ssh/config.pp', line 5

class sys::ssh::config(
  $sshd_config   = $sys::ssh::params::sshd_config,
  $sshd_template = 'sys/ssh/sshd_config.erb',
  $mode          = '0600',
) inherits sys::ssh::params {

  include sys

  if $sys::ssh::privilege_separation {
    # OpenSSH 5.0+ can take 'sandbox' as a value for more secure
    # privilege separation.
    if $sys::ssh::params::sandbox {
      $privilege_separation = 'sandbox'
    } else {
      $privilege_separation = 'yes'
    }
  } else {
    $privilege_separation = 'no'
  }

  file { $sshd_config:
    ensure  => file,
    owner   => 'root',
    group   => $sys::root_group,
    mode    => $mode,
    content => template($sshd_template),
    notify  => Class['ssh::service'],
    require => Class['ssh::install'],
  }
}