diff options
Diffstat (limited to 'templates/service/ssh')
| -rw-r--r-- | templates/service/ssh/allow-root/node.def | 5 | ||||
| -rw-r--r-- | templates/service/ssh/ciphers/node.def | 29 | ||||
| -rw-r--r-- | templates/service/ssh/disable-host-validation/node.def | 6 | ||||
| -rw-r--r-- | templates/service/ssh/disable-password-authentication/node.def | 5 | ||||
| -rw-r--r-- | templates/service/ssh/listen-address/node.def | 10 | ||||
| -rw-r--r-- | templates/service/ssh/macs/node.def | 10 | ||||
| -rw-r--r-- | templates/service/ssh/node.def | 8 | ||||
| -rw-r--r-- | templates/service/ssh/port/node.def | 7 |
8 files changed, 0 insertions, 80 deletions
diff --git a/templates/service/ssh/allow-root/node.def b/templates/service/ssh/allow-root/node.def deleted file mode 100644 index c1e6abf2..00000000 --- a/templates/service/ssh/allow-root/node.def +++ /dev/null @@ -1,5 +0,0 @@ -help: Enable root login over ssh - -create: sudo sed -i -e '/^PermitRootLogin/s/no/yes/' /etc/ssh/sshd_config - -delete: sudo sed -i -e '/^PermitRootLogin/s/yes/no/' /etc/ssh/sshd_config diff --git a/templates/service/ssh/ciphers/node.def b/templates/service/ssh/ciphers/node.def deleted file mode 100644 index 7eab846e..00000000 --- a/templates/service/ssh/ciphers/node.def +++ /dev/null @@ -1,29 +0,0 @@ -type: txt -help: Allowed ciphers -val_help: txt; Cipher string -val_help: 3des-cbc; 3DES CBC -val_help: aes128-cbc; AES 128 CBC -val_help: aes192-cbc; AES 192 CBC -val_help: aes256-cbc; AES 256 CBC -val_help: aes128-ctr; AES 128 CTR -val_help: aes192-ctr; AES 192 CTR -val_help: aes256-ctr; AES 256 CTR -val_help: arcfour128; AC4 128 -val_help: arcfour256; AC4 256 -val_help: arcfour; AC4 -val_help: blowfish-cbc; Blowfish CBC -val_help: cast128-cbc; CAST 128 CBC -comp_help: Multiple ciphers can be specified as a comma-separated list. - -syntax:expression: pattern $VAR(@) "^((3des-cbc|aes128-cbc|aes192-cbc|aes256-cbc|aes128-ctr|aes192-ctr|\ -aes256-ctr|arcfour128|arcfour256|arcfour|\ -blowfish-cbc|cast128-cbc)(,|$))+$"; \ -"$VAR(@) is not a valid cipher list" - -create: sudo sed -i -e '$ a \ -Ciphers $VAR(@)' /etc/ssh/sshd_config - -delete: sudo sed -i -e '/^Ciphers $VAR(@)$/d' /etc/ssh/sshd_config - -update: sudo sed -i -e '/^Ciphers/c \ -Ciphers $VAR(@)' /etc/ssh/sshd_config diff --git a/templates/service/ssh/disable-host-validation/node.def b/templates/service/ssh/disable-host-validation/node.def deleted file mode 100644 index fff28dbd..00000000 --- a/templates/service/ssh/disable-host-validation/node.def +++ /dev/null @@ -1,6 +0,0 @@ -help: Don't validate the remote host name with DNS - -update: sudo sed -i -e '/^UseDNS/s/yes/no/' /etc/ssh/sshd_config - -delete: sudo sed -i -e '/^UseDNS/s/no/yes/' /etc/ssh/sshd_config - diff --git a/templates/service/ssh/disable-password-authentication/node.def b/templates/service/ssh/disable-password-authentication/node.def deleted file mode 100644 index 59abacfc..00000000 --- a/templates/service/ssh/disable-password-authentication/node.def +++ /dev/null @@ -1,5 +0,0 @@ -help: Don't allow unknown user to login with password - -update: sudo sed -i -e '/^PasswordAuthentication/s/yes/no/' /etc/ssh/sshd_config - -delete: sudo sed -i -e '/^PasswordAuthentication/s/no/yes/' /etc/ssh/sshd_config diff --git a/templates/service/ssh/listen-address/node.def b/templates/service/ssh/listen-address/node.def deleted file mode 100644 index aeff03f2..00000000 --- a/templates/service/ssh/listen-address/node.def +++ /dev/null @@ -1,10 +0,0 @@ -multi: -type: ipv4,ipv6 -help: Local addresses SSH service should listen on -val_help: ipv4: IP address to listen for incoming connections -val_help: ipv6: IPv6 address to listen for incoming connections - -create: sudo sed -i -e '/^Port/a \ -ListenAddress $VAR(@)' /etc/ssh/sshd_config - -delete: sudo sed -i -e '/^ListenAddress $VAR(@)$/d' /etc/ssh/sshd_config diff --git a/templates/service/ssh/macs/node.def b/templates/service/ssh/macs/node.def deleted file mode 100644 index ee6c60e1..00000000 --- a/templates/service/ssh/macs/node.def +++ /dev/null @@ -1,10 +0,0 @@ -type: txt -help: Specifies the available MAC (message authentication code) algorithms. The MAC algorithm is used in protocol version 2 for data integrity protection. Multiple algorithms must be comma-separated. See 'man sshd_config' for supported MACs. - -create: sudo sed -i -e '$ a \ -MACs $VAR(@)' /etc/ssh/sshd_config - -delete: sudo sed -i -e '/^MACs $VAR(@)$/d' /etc/ssh/sshd_config - -update: sudo sed -i -e '/^MACs/c \ -MACs $VAR(@)' /etc/ssh/sshd_config
\ No newline at end of file diff --git a/templates/service/ssh/node.def b/templates/service/ssh/node.def deleted file mode 100644 index 7117a2fd..00000000 --- a/templates/service/ssh/node.def +++ /dev/null @@ -1,8 +0,0 @@ -priority: 500 # After syslog and logins -help: Secure SHell (SSH) protocol -delete:sudo /usr/sbin/invoke-rc.d ssh stop - sudo sh -c "echo 'SSHD_OPTS=' > /etc/default/ssh" -end: if [ -z "$VAR(port/@)" ]; then exit 0; fi - STR="SSHD_OPTS=\"-p $VAR(port/@)\"" - sudo sh -c "echo '$STR' > /etc/default/ssh" - sudo /usr/sbin/invoke-rc.d ssh restart diff --git a/templates/service/ssh/port/node.def b/templates/service/ssh/port/node.def deleted file mode 100644 index d4f53378..00000000 --- a/templates/service/ssh/port/node.def +++ /dev/null @@ -1,7 +0,0 @@ -type: u32 -default: 22 -help: Port for SSH service -val_help: u32:1-65535; Numeric IP port - -syntax:expression: $VAR(@) > 0 && $VAR(@) <= 65535 ; \ - "Port number must be in range 1 to 65535" |