Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/mtulio/puppet-module-ssh

Puppet module to manage SSH client and server
https://github.com/mtulio/puppet-module-ssh

Last synced: 8 days ago
JSON representation

Puppet module to manage SSH client and server

Host: GitHub
URL: https://github.com/mtulio/puppet-module-ssh
Owner: mtulio
Created: 2016-01-13T12:56:28.000Z (almost 9 years ago)
Default Branch: master
Last Pushed: 2016-02-28T06:32:40.000Z (over 8 years ago)
Last Synced: 2024-10-30T17:12:43.533Z (18 days ago)
Language: HTML
Size: 23.4 KB
Stars: 0
Watchers: 3
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

README

        # ssh

[![Puppet Forge](http://img.shields.io/puppetforge/v/mtulio/ssh.svg)](https://forge.puppetlabs.com/mtulio/ssh)

[![Build Status](https://travis-ci.org/mtulio/puppet-mod-ssh.png?branch=master)](https://travis-ci.org/mtulio/puppet-mod-ssh)

#### Table of Contents

1. [Overview](#1-overview)

2. [Module Description](#2-module-description)

3. [Setup](#3-setup)

    * [What module affects](#what-module-affects)

    * [Setup requirements](#setup-requirements)

    * [Beginning](#beginning)

4. [Usage](#4-usage)

5. [Limitations](#5-limitations)

6. [Development](#6-development)

7. [Release Notes](#7-release-notes)

## 1. Overview

This module can install and configure SSH server config file [ and in the future manages the client ]

## 2. Module Description

Module to manage SSH server config file.

## 3. Setup

 See [Usage](#4-usage)

### What module affects

* This module module will install SSH server package in your system.

### Setup Requirements 

* puppet module install mtulio-ssh

### Beginning 

This is a great module to configure your SSH server config file. 

## 4. Usage

1. Default config

```

 class { '::ssh::sshd_config': }

```

2. Permit root login and allow some users

```

 class { '::ssh::sshd_config': 

   permitrootlogin   => 'yes'

   allow_users       => 'root vagrant admin1'

 }

```

3. Ensure Local User, block root login

```

 class { '::ssh::sshd_config': 

   user_local_enable => 'yes',

   user_local_ensure => 'sysadmin',

   user_password     => '$6$GpTlgkVr$CHLWoyzd4fGD/c4eG2A5JnR8HvsrUF0sGnHrpumysSsJRW5laOfMrvuYX3qjlLriQXGQVHqLq8UIpOxe9Wz2C1', # admin@123

   permitrootlogin   => 'no'

   allow_users       => 'vagrant admin1 admin2 admin3'

 }

```

4. Set sshd banner. Ensure the file is present

```

file {'/etc/ssh/banner':

  path => '/etc/ssh/banner',

  source => "puppet:///modules/ssh/sshd_banner_example_pt-br",

  owner   => 'root',

  group   => 'root',

  mode    => '0644',

}

class { '::ssh::sshd_config':

  user_local_enable => 'yes',

  user_local_ensure => 'sysadmin',

  user_password     => '$6$GpTlgkVr$CHLWoyzd4fGD/c4eG2A5JnR8HvsrUF0sGnHrpumysSsJRW5laOfMrvuYX3qjlLriQXGQVHqLq8UIpOxe9Wz2C1', # admin@123,

  permitrootlogin   => 'no',

  allow_users       => 'admin1 admin2 admin3'

  bannerpath	    => '/etc/ssh/banner',

}

```

## 5. Limitations

OS compatibility [tested]: 

* Red Hat family 6Server and 7Server

We're working to support more OS.

## 6. Development

See project page at https://github.com/mtulio/puppet-mod-ssh

## 7. Release Notes

[1.3.0] [1.3.1]

* Add Allow/Deny users and groups

[1.2.1] 

* Fix metadata dependences

[1.2.0]

* Add 'banner' support to template config file - sshd_conf

[1.1.0]

* Changing global parameter of sshd_config template:

>> from: 

```

GSSAPIAuthentication yes

GSSAPICleanupCredentials no

```

```

>> to:

```

GSSAPIAuthentication no

GSSAPICleanupCredentials yes

```

[1.0.1] 

* Review document description

[1.0.0]

* Manage sshd_config