sshd

Manages sshd with LDAP or IPA authentication on RHEL-based machines

Justin Lambert

jlambert121

6,792 downloads

6,274 latest version

4.6 quality score

Version information

  • 0.4.1 (latest)
  • 0.4.0
released Mar 4th 2016
This version is compatible with:
  • RedHat
    ,
    CentOS

Start using this module

Documentation

jlambert121/sshd — version 0.4.1 Mar 4th 2016

Table of Contents

  1. Overview
  2. Module Description - What the module does and why it is useful
  3. Setup - The basics of getting started with sshd
  4. Reference - An under-the-hood peek at what the module is doing and how
  5. Limitations - OS compatibility, etc.
  6. Development - Guide for contributing to the module
  7. Changelog/Contributors

Overview

Puppet module to manage SSHD configuration on RHEL-based systems implementing LDAP or FreeIPA authentication.

Module Description

Another SSHD module?!? Why? When looking at the existing modules for SSHD I couldn't find any that supported LDAP authentication or would lend themselves to a PR that seemed to fit with the module design. If you aren't doing LDAP authentication from SSH, this module is probably not the best fit for your needs.

Setup

What sshd affects

  • openssh-server, openssh-ldap packages
  • /etc/ssh/ldap.conf, /etc/ssh/sshd_config, /etc/pam.d/sshd config files

Beginning with sshd

The sshd module is extremely simple to use (you will need to have a LDAP server in place and functional first)

    class { 'sshd':
      $ldap_uri        = 'ldap://ldap1.yourcompany.com, ldap://ldap2.yourcompany.com'
      $ldap_base       = 'dc=yourcompany,dc=com',
    }

To use this module with FreeIPA

    class { 'sshd':
      $provider = 'sss',
    }

Reference

Classes

Public Classes

  • sshd: Entry point for managing sshd

Limitations

Only tested on CentOS/RHEL

Development

Improvements and bug fixes are greatly appreciated. See the contributing guide for information on adding and validating tests for PRs.

Changelog / Contributors

Changelog Contributors