summaryrefslogtreecommitdiff
path: root/templates
diff options
context:
space:
mode:
authorAlain Lamar <alain_lamar@yahoo.de>2018-01-02 19:12:27 +0100
committerAlain Lamar <alain_lamar@yahoo.de>2018-01-02 19:12:27 +0100
commitf56e7154b9dfb36305cfb0c36998d245c26ad343 (patch)
tree08721d01197ba10ce258b4547abeddd737674f75 /templates
parentf76f756b8c031226c37a3851074cc26f506ccf2b (diff)
downloadvyatta-cfg-system-f56e7154b9dfb36305cfb0c36998d245c26ad343.tar.gz
vyatta-cfg-system-f56e7154b9dfb36305cfb0c36998d245c26ad343.zip
T122: Added a config node to implement sshd_config's DenyUsers
Diffstat (limited to 'templates')
-rw-r--r--templates/service/ssh/access-control/deny-users/node.def11
1 files changed, 11 insertions, 0 deletions
diff --git a/templates/service/ssh/access-control/deny-users/node.def b/templates/service/ssh/access-control/deny-users/node.def
new file mode 100644
index 00000000..a6426f90
--- /dev/null
+++ b/templates/service/ssh/access-control/deny-users/node.def
@@ -0,0 +1,11 @@
+type: txt
+help: Configure sshd_config access control for disallowed users.
+comp_help: The SSH user and group access control directives (allow/deny) are processed in the following order: DenyUsers, AllowUsers, DenyGroups, and finally AllowGroups. Multiple users can be specified as a comma-separated list.
+
+create: sudo sed -i -e '$ a \
+DenyUsers $VAR(@)' /etc/ssh/sshd_config
+
+delete: sudo sed -i -e '/^DenyUsers $VAR(@)$/d' /etc/ssh/sshd_config
+
+update: sudo sed -i -e '/^DenyUsers.*$/c \
+DenyUsers $VAR(@)' /etc/ssh/sshd_config