Closed 54-68-65-20-53-74-61-67 closed 1 year ago
Here is what I came up with:
init.pp
$ssh_config_hostkeyalgorithms = undef,
$sshd_config_hostkeyalgorithms = undef,
[...]
if $ssh_config_hostkeyalgorithms != undef {
validate_array($ssh_config_hostkeyalgorithms)
}
if $sshd_config_hostkeyalgorithms != undef {
validate_array($sshd_config_hostkeyalgorithms)
}
ssh_config.erb
<% if @ssh_config_hostkeyalgorithms -%>
HostKeyAlgorithms <%= @ssh_config_hostkeyalgorithms.join(',') %>
<% end -%>
sshd_config.erb
<% if @sshd_config_hostkeyalgorithms -%>
HostKeyAlgorithms <%= @sshd_config_hostkeyalgorithms.join(',') %>
<% end -%>
README.md
ssh_config_hostkeyalgorithms
---------------
Array of hostkey algorithms to be used with the HostKeyAlgorithms option in ssh_config.
- *Default*: undef
[...]
sshd_config_hostkeyalgorithms
---------------
Array of hostkey algorithms to be used with the HostKeyAlgorithms option in sshd_config.
- *Default*: undef
I've tested this in my testlab puppet 5.5 master and it passes.
Cheers!
@pynixadm Have you put a pull request in for this change?
Functionality to set HostKeyAlgorithms
via $ssh::server::host_key_algorithms
was added with v4.
Please re-open if this doesn't fit your use case.
Hey,
I've been puzzling over this all day, the only option missing is a way to restrict HostKeyAlgorithms similar to ciphers/kex/macs.
I need to be able to add this line:
I'm not very proficient with git, but I could look into the code tomorrow and see if I can provide something.
Any help would be greatly appreciated!
Cheers.