package "openssh-client"
package "openssh-server"
+template "/etc/ssh/sshd_config.d/chef.conf" do
+ source "sshd_config.conf.erb"
+ owner "root"
+ group "root"
+ mode "644"
+ notifies :restart, "service[ssh]"
+ only_if { Dir.exist?("/etc/ssh/sshd_config.d") }
+end
+
service "ssh" do
action [:enable, :start]
supports :status => true, :restart => true, :reload => true
end
-file "/etc/ssh/ssh_host_dsa_key" do
- action :delete
-end
-
-file "/etc/ssh/ssh_host_dsa_key.pub" do
- action :delete
-end
-
hosts = search(:node, "networking:interfaces").sort_by { |n| n[:hostname] }.collect do |node|
name = node.name.split(".").first
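Review bot: The new `/etc/ssh/sshd_config.d/chef.conf` template notifies `service[ssh]` to restart without first checking that the rendered file parses, so a bad render can leave sshd down on a host that is only reachable over SSH. Adding `verify "sshd -t -f %{path}"` to the resource would reject an unparsable fragment before it replaces the live file, although it tests the fragment on its own rather than merged with the main config. Also confirm precedence: sshd keeps the first value it reads for most keywords, so a drop-in that sorts before `chef.conf` (for example a digit-prefixed file shipped by the distribution or an image) would override these settings. Finally, the `only_if` guard means a host without the directory silently gets no managed sshd settings; a comment stating which platforms that covers, or a log line on that path, would make the gap visible.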
]
end
-template "/etc/ssh/ssh_config" do
- source "ssh_config.erb"
- mode 0o644
- owner "root"
- group "root"
-end
-
template "/etc/ssh/ssh_known_hosts" do
source "ssh_known_hosts.erb"
- mode 0o444
+ mode "444"
owner "root"
group "root"
backup false
action :accept
source "net"
dest "fw"
- proto "tcp:syn"
+ proto "tcp"
dest_ports node[:openssh][:port]
end
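Review bot: Changing `proto "tcp:syn"` to `proto "tcp"` widens this accept rule from connection-opening segments to every TCP packet addressed to `node[:openssh][:port]`, and nothing in the hunk shows what now rejects stray non-SYN packets that belong to no tracked connection. If the firewall provider's generated ruleset already drops invalid-state traffic before this rule is reached, record that in a comment above the line, e.g. `# all TCP: packets outside a tracked connection are dropped earlier by the ruleset`. If it does not, the SYN restriction is worth keeping. The resource's opening line is outside the hunk, so the rule's name and any other properties are not visible here.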