Closed amendlik closed 7 years ago
As long as ssh_config_mode: '600' doesn't end up in the defaults or pillar.example it's fine with me. This would prevent any global configuration of a host's OpenSSH client - and is a rather strange idea in my opinion.
This PR does not change the current behavior in any way. It just makes it possible for the user to configure some hard coded values.
@0xf10e is right about ssh_config_mode: '600'. The CIS benchmark only specifies the permissions for sshd_config
@amendlik can you then please revert the permissions on ssh_config, to be like the defaults in the kitchen.yml; somebody could think that's a good idea and see it as acceptable.
Looks good to me
@amendlik could you please rebase, then I will merge it.
Thanks, merging now.
66c954e sets correct default values for OpenBSD and FreeBSD and replaces root_group.
Permit customization of file owner and mode for ssh_config and sshd_config. I added this because the current default is 644, but CIS benchmarks recommend 600.