ssh

pdk
Install and configure ssh

Damon Conway

dconway

4,351 downloads

4,031 latest version

4.7 quality score

Version information

  • 0.2.0 (latest)
  • 0.1.1
  • 0.1.0
released Aug 2nd 2018
This version is compatible with:
  • Puppet Enterprise 2018.1.x, 2017.3.x, 2017.2.x, 2017.1.x, 2016.5.x, 2016.4.x
  • Puppet >= 4.7.0 < 6.0.0
  • CentOS
    ,
    OracleLinux
    ,
    RedHat
    ,
    Scientific
    ,
    SLES
    ,
    Debian
    ,
    Ubuntu

Start using this module

Documentation

dconway/ssh — version 0.2.0 Aug 2nd 2018

ssh

Table of Contents

  1. Overview - What is the ssh module?
  2. Dependencies - What other modules does this module depend on?
  3. Usage - How to use and configure the module
  4. Parameter - List of available parameters to pass
  5. Limitations - OS compatibility, etc.

Overview

The ssh module is designed to manage the ssh packages and service, and leave the configuration to the user. However, if you pass in one or more of the config hashes, the module will loop through them to create the matching resource provided by herculesteam/augeasproviders_ssh.

Currently, the module supports passing a config hash to the following 4 resources:

  • ssh_config
  • sshd_config
  • sshd_config_match
  • sshd_config_subsystem

Dependencies

Usage

To simply have the module manage the packages and sshd service do:

include ::ssh

To pass some configuration options do:

$ssh_cfg = {
  'ForwardAgent' => {
    'ensure' => 'present',
    'value'  => 'yes',
  },
  'ForwardAgent on example.net' => {
    'ensure' => 'present',
    'key'    => 'ForwardAgent',
    'host'   => 'secure.example.net',
    'value'  => 'no'
  },
  'X11Forwarding' => {
    'ensure' => 'present',
    'host'   => 'example.net',
    'value'  => 'yes',
  },
}

$sshd_cfg = {
  'AllowGroups' => {
    'ensure' => 'present',
    'value'  => ['sshgroups", "admins"],
  },
  'Protocol' => {
    'ensure' => 'present',
    'value'  => '2',
  },
  'PermitRootLogin' => {
    'ensure' => 'present',
    'value'  => 'no',
  },
}

class { '::ssh':
  ssh_config  => $ssh_cfg
  sshd_config => $sshd_cfg
}

parameters within ssh:

####client_pkg

The name of the package to manage (default is OS dependent).

####client_pkg_ensure

This param holds the ensure value for the client package resource (default is present).

####config_manage

This param determines if we should apply config changes (default is true).

####install_options

This param holds the install_options value for package resources (default is undef).

####server_pkg

The name of the package to manage (default is OS dependent).

####server_pkg_ensure

This param holds the ensure value for the server package resource (default is present).

####service_ensure

This param holds the ensure value for the server service resource (default is running).

####service_manage

This param determines if we should manage the service resource for the server (default is true).

####ssh_config

This param contains a hash of ssh_config resources (default is undef).

####sshd_config

This param contains a hash of sshd_config resources (default is undef).

####sshd_config_match

This param contains a hash of sshd_config_match resources (default is undef).

####sshd_config_subsystem

This param contains a hash of sshd_config_subsystem resources (default is undef).

Limitations

Supported Operating Systems Note: Only RHEL/CentOS tested thus far.

  • RHEL/CentOS/Oracle/Scientific/SLES 5,6,7
  • Debian 8, 9
  • Ubuntu 14.04, 16.04, 18.04