cdist-type__sshd_config - Man Page

Manage options in sshd_config

Description

This space intentionally left blank.

Required Parameters

None.

Optional Parameters

file

The path to the sshd_config file to edit. Defaults to /etc/ssh/sshd_config.

match

Restrict this option to apply only for certain connections. Allowed values are what would be allowed to be written after a Match keyword in sshd_config, e.g. --match 'User anoncvs'.

Can be used multiple times. All of the values are ANDed together.

option

The name of the option to manipulate. Defaults to __object_id.

state

Can be:

  • present: ensure a matching config line is present (or the default value).
  • absent: ensure no matching config line is present.
value

The option's value to be assigned to the option (if --state present) or removed (if --state absent).

This option is required if --state present. If not specified and --state absent, all values for the given option are removed.

Boolean Parameters

None.

Examples

# Disallow root logins with password
__sshd_config PermitRootLogin --value without-password

# Disallow password-based authentication
__sshd_config PasswordAuthentication --value no

# Accept the EDITOR environment variable
__sshd_config AcceptEnv:EDITOR --option AcceptEnv --value EDITOR

# Force command for connections as git user
__sshd_config git@ForceCommand --match 'User git' --option ForceCommand \
    --value 'cd ~git && exec git-shell ${SSH_ORIGINAL_COMMAND:+-c "${SSH_ORIGINAL_COMMAND}"}'

See Also

sshd_config(5)

Bugs

Authors

Dennis Camera <dennis.camera--@--ssrq-sds-fds.ch>

Copying

Copyright (C) 2020 Dennis Camera. You can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

Info

Jul 31, 2022 7.0.0 cdist