diff options
| author | Jerome Charaoui <jcharaoui@cmaisonneuve.qc.ca> | 2015-05-07 15:30:07 +0000 |
|---|---|---|
| committer | Jerome Charaoui <jcharaoui@cmaisonneuve.qc.ca> | 2015-05-07 15:30:07 +0000 |
| commit | df03b0865c03b3408c969fc4e8fae53e0f28f1e4 (patch) | |
| tree | 23d6821762f4b06af3809e686a722edd98af94b2 /README.md | |
| parent | b5e16ec06499e45b4efd9f7353bb31f3a972417e (diff) | |
| parent | e4a9c15987372e63ace244a92619bdd2e4c5407a (diff) | |
| download | puppet-sshd-df03b0865c03b3408c969fc4e8fae53e0f28f1e4.tar.gz puppet-sshd-df03b0865c03b3408c969fc4e8fae53e0f28f1e4.tar.bz2 | |
Merge branch 'enhance_hardened' into 'master'
Enhance hardened
This implements as many recommendations in https://stribika.github.io/2015/01/04/secure-secure-shell.html as possible
See merge request !10
Diffstat (limited to 'README.md')
| -rw-r--r-- | README.md | 8 |
1 files changed, 6 insertions, 2 deletions
@@ -4,6 +4,10 @@ This puppet module manages OpenSSH configuration and services. +**!! Upgrade Notice (05/2015) !!** + +The hardened_ssl parameter name was changed to simply 'hardened'. + **!! Upgrade Notice (01/2013) !!** This module now uses parameterized classes, where it used global variables @@ -179,8 +183,8 @@ The following is a list of the currently available variables: Set this to the location of the AuthorizedKeysFile (e.g. `/etc/ssh/authorized_keys/%u`). Default: `AuthorizedKeysFile %h/.ssh/authorized_keys` - - `hardened_ssl` - Use only strong SSL ciphers and MAC. + - `hardened` + Use only strong ciphers, MAC, KexAlgorithms, etc. Values: - `no` (default) - `yes` |