Dzahn has submitted this change and it was merged.
Change subject: ssh server: make PermitRootLogin configurable
......................................................................
ssh server: make PermitRootLogin configurable
Change-Id: I2ff3755b5c0842aae0367d63a25a079aace1a509
---
M modules/ssh/manifests/server.pp
M modules/ssh/templates/sshd_config.erb
2 files changed, 6 insertions(+), 0 deletions(-)
Approvals:
jenkins-bot: Verified
Dzahn: Looks good to me, approved
diff --git a/modules/ssh/manifests/server.pp b/modules/ssh/manifests/server.pp
index 255ab46..2f2670e 100644
--- a/modules/ssh/manifests/server.pp
+++ b/modules/ssh/manifests/server.pp
@@ -1,6 +1,7 @@
class ssh::server (
$listen_port = '22',
$listen_address = undef,
+ $permit_root = true,
) {
package { 'openssh-server':
ensure => latest;
diff --git a/modules/ssh/templates/sshd_config.erb
b/modules/ssh/templates/sshd_config.erb
index 4d67e46..12394f4 100644
--- a/modules/ssh/templates/sshd_config.erb
+++ b/modules/ssh/templates/sshd_config.erb
@@ -28,7 +28,12 @@
# Authentication:
LoginGraceTime 120
+<% if @permit_root %>
PermitRootLogin yes
+<% else %>
+PermitRootLogin no
+<% end %>
+
StrictModes yes
RSAAuthentication yes
--
To view, visit https://gerrit.wikimedia.org/r/172804
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: I2ff3755b5c0842aae0367d63a25a079aace1a509
Gerrit-PatchSet: 3
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Dzahn <[email protected]>
Gerrit-Reviewer: Alexandros Kosiaris <[email protected]>
Gerrit-Reviewer: Dzahn <[email protected]>
Gerrit-Reviewer: JanZerebecki <[email protected]>
Gerrit-Reviewer: John F. Lewis <[email protected]>
Gerrit-Reviewer: Ori.livneh <[email protected]>
Gerrit-Reviewer: Yuvipanda <[email protected]>
Gerrit-Reviewer: jenkins-bot <>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
