[rudder-users] suggestion ssh directive
Matthieu CERDA
matthieu.cerda at normation.com
Tue Jul 5 15:02:50 CEST 2016
Le 05/07/2016 à 08:06, Maxime Longuet a écrit :
> I would appreciate to add feature of "UseDNS" in ssh directive :)
>
> Regards,
>
> Max
Hello Maxime,
Doing this would be quite easy: adding a new version of the
techniques/systemSettings/remoteAccess/sshConfiguration Technique, and
then two things:
* in config.st, adding before "classes:":
---8<---
rudder_openssh_server_usedns_edit::
"rudder_openssh_server_config[config][UseDNS]"
string => "&OPENSSH_SERVER_USEDNS&";
---8<---
and after "not => strcmp("&OPENSSH_SERVER_SYSLOGFACILITY&","dontchange");"
---8<---
# UseDNS edition ?
"rudder_openssh_server_usedns_edit"
not => strcmp("&OPENSSH_SERVER_USEDNS&","dontchange");
---8<---
thus adding a definition for the configuration itself in the
rudder_openssh_server_config array, and a class to select if the
settings needs to be changed.
* in metadata.xml:
After "<NAME>OPENSSH_SERVER_MAXSESSIONS</NAME>":
---8<---
<SELECT1>
<NAME>OPENSSH_SERVER_USEDNS</NAME>
<DESCRIPTION>Try to look up the remote host and verify if its
reverse dns maps to the same IP</DESCRIPTION>
<ITEM>
<VALUE>yes</VALUE>
<LABEL>Yes</LABEL>
</ITEM>
<ITEM>
<VALUE>no</VALUE>
<LABEL>No</LABEL>
</ITEM>
<ITEM>
<VALUE>dontchange</VALUE>
<LABEL>Don't change</LABEL>
</ITEM>
<CONSTRAINT>
<DEFAULT>dontchange</DEFAULT>
</CONSTRAINT>
</SELECT1>
---8<---
That should be enough, but probably needs to be tested first.
Would you mind contributing the modification for everyone to enjoy
afterwards ?
http://www.rudder-project.org/foswiki/Development/HowToContribute
Thanks a lot, and have a nice afternoon,
--
Matthieu CERDA
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.rudder-project.org/pipermail/rudder-users/attachments/20160705/04647d9d/attachment.html>
More information about the rudder-users
mailing list