Forge Home


Setup sshd with optional firewall and monit support


5,266 latest version

5.0 quality score

Version information

  • 2.2.3 (latest)
  • 2.2.2
  • 2.2.1
released Sep 12th 2018
This version is compatible with:
  • Puppet Enterprise 2018.1.x, 2017.3.x, 2017.2.x, 2017.1.x, 2016.5.x, 2016.4.x
  • Puppet >= 4.7.0 < 6.0.0
  • , , FreeBSD,

Start using this module

  • r10k or Code Manager
  • Bolt
  • Manual installation
  • Direct download

Add this module to your Puppetfile:

mod 'puppetfinland-sshd', '2.2.3'
Learn more about managing modules with a Puppetfile

Add this module to your Bolt project:

bolt module add puppetfinland-sshd
Learn more about using this module with an existing project

Manually install this module globally with Puppet module tool:

puppet module install puppetfinland-sshd --version 2.2.3

Direct download is not typically how you would use a Puppet module to manage your infrastructure, but you may want to download the module in order to inspect the code.



puppetfinland/sshd — version 2.2.3 Sep 12th 2018


A general-purpose sshd module for Puppet. Can be used in conjunction FreeIPA/sssd. Has optional firewall and monit support.

Module usage

Use the permissive defaults (password auth and root logins enabled):

include ::sshd

Disable password auth, root logins and rate-limit connections with iptables and ip6tables:

class { '::sshd':
  permitrootlogin        => 'no',
  passwordauthentication => 'no',
  limit                  => '3/min',

Enable root logins without password when using ssh keys:

class { '::sshd':
  permitrootlogin        => 'without-password',
  passwordauthentication => 'no',

Integrate with FreeIPA authentication:

class { '::sshd':
  authorized_keys_from_sssd => true,
  gssapiauthentication      => 'yes',

For further details refer to init.pp.