Forge Home


Manages sshd with LDAP or IPA authentication on RHEL-based machines


6,951 latest version

4.6 quality score

Version information

  • 0.4.1 (latest)
  • 0.4.0
released Mar 4th 2016
This version is compatible with:
  • ,

Start using this module

  • r10k or Code Manager
  • Bolt
  • Manual installation
  • Direct download

Add this module to your Puppetfile:

mod 'jlambert121-sshd', '0.4.1'
Learn more about managing modules with a Puppetfile

Add this module to your Bolt project:

bolt module add jlambert121-sshd
Learn more about using this module with an existing project

Manually install this module globally with Puppet module tool:

puppet module install jlambert121-sshd --version 0.4.1

Direct download is not typically how you would use a Puppet module to manage your infrastructure, but you may want to download the module in order to inspect the code.



jlambert121/sshd — version 0.4.1 Mar 4th 2016

Table of Contents

  1. Overview
  2. Module Description - What the module does and why it is useful
  3. Setup - The basics of getting started with sshd
  4. Reference - An under-the-hood peek at what the module is doing and how
  5. Limitations - OS compatibility, etc.
  6. Development - Guide for contributing to the module
  7. Changelog/Contributors


Puppet module to manage SSHD configuration on RHEL-based systems implementing LDAP or FreeIPA authentication.

Module Description

Another SSHD module?!? Why? When looking at the existing modules for SSHD I couldn't find any that supported LDAP authentication or would lend themselves to a PR that seemed to fit with the module design. If you aren't doing LDAP authentication from SSH, this module is probably not the best fit for your needs.


What sshd affects

  • openssh-server, openssh-ldap packages
  • /etc/ssh/ldap.conf, /etc/ssh/sshd_config, /etc/pam.d/sshd config files

Beginning with sshd

The sshd module is extremely simple to use (you will need to have a LDAP server in place and functional first)

    class { 'sshd':
      $ldap_uri        = 'ldap://, ldap://'
      $ldap_base       = 'dc=yourcompany,dc=com',

To use this module with FreeIPA

    class { 'sshd':
      $provider = 'sss',



Public Classes

  • sshd: Entry point for managing sshd


Only tested on CentOS/RHEL


Improvements and bug fixes are greatly appreciated. See the contributing guide for information on adding and validating tests for PRs.

Changelog / Contributors

Changelog Contributors