Puppet Class: ssh::client

Defined in:
manifests/client.pp

Summary

Sets up a ssh client and creates /etc/ssh/ssh_config.

Overview

Parameters:

  • add_default_entry (Boolean) (defaults to: true)

    Set this if you wish to automatically have the ‘*’ Host entry set up with some sane defaults.

  • fips (Boolean) (defaults to: simplib::lookup('simp_options::fips', { 'default_value' => false }))

    If set or FIPS is already enabled, adjust for FIPS mode.

  • haveged (Boolean) (defaults to: simplib::lookup('simp_options::haveged', { 'default_value' => false }))

    If true, include the haveged module to assist with entropy generation.

  • package_ensure (String) (defaults to: simplib::lookup('simp_options::package_ensure', { 'default_value' => 'installed' }))

    The ensure status the openssh-clients package

Author:



14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
 
# File 'manifests/client.pp', line 14

class ssh::client (
  Boolean $add_default_entry = true,
  Boolean $haveged           = simplib::lookup('simp_options::haveged', { 'default_value' => false }),
  Boolean $fips              = simplib::lookup('simp_options::fips', { 'default_value' => false }),
  String  $package_ensure    = simplib::lookup('simp_options::package_ensure', { 'default_value' => 'installed' }),
) {
  simplib::assert_metadata( $module_name )

  if $add_default_entry {
    ssh::client::host_config_entry { '*': }
  }

  file { '/etc/ssh/ssh_config':
    owner   => 'root',
    group   => 'root',
    mode    => '0644',
    require => Package['openssh-clients']
  }

  file { '/etc/ssh/ssh_known_hosts':
    owner => 'root',
    group => 'root',
    mode  => '0644'
  }

  package { 'openssh-clients':
    ensure => $package_ensure
  }

  if $haveged {
    simplib::assert_optional_dependency($module_name, 'simp/haveged')

    include 'haveged'
  }
}