From f56e7154b9dfb36305cfb0c36998d245c26ad343 Mon Sep 17 00:00:00 2001
From: Alain Lamar <alain_lamar@yahoo.de>
Date: Tue, 2 Jan 2018 19:12:27 +0100
Subject: T122: Added a config node to implement sshd_config's DenyUsers

---
 templates/service/ssh/access-control/deny-users/node.def | 11 +++++++++++
 1 file changed, 11 insertions(+)
 create mode 100644 templates/service/ssh/access-control/deny-users/node.def

(limited to 'templates/service/ssh/access-control/deny-users/node.def')

diff --git a/templates/service/ssh/access-control/deny-users/node.def b/templates/service/ssh/access-control/deny-users/node.def
new file mode 100644
index 00000000..a6426f90
--- /dev/null
+++ b/templates/service/ssh/access-control/deny-users/node.def
@@ -0,0 +1,11 @@
+type: txt
+help: Configure sshd_config access control for disallowed users.
+comp_help: The SSH user and group access control directives (allow/deny) are processed in the following order: DenyUsers, AllowUsers, DenyGroups, and finally AllowGroups. Multiple users can be specified as a comma-separated list.
+
+create: sudo sed -i -e '$ a \
+DenyUsers $VAR(@)' /etc/ssh/sshd_config
+
+delete: sudo sed -i -e '/^DenyUsers $VAR(@)$/d' /etc/ssh/sshd_config
+
+update: sudo sed -i -e '/^DenyUsers.*$/c \
+DenyUsers $VAR(@)' /etc/ssh/sshd_config
-- 
cgit v1.2.3