Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Opscode OpenSSH Chef Cookbook fork which adds sshd_config tuning parameters and suse platform support
Ruby
Branch: sshd-config
Pull request Compare This branch is 3 commits behind fnichol:sshd-config.

Fetching latest commit…

Cannot retrieve the latest commit at this time

Failed to load latest commit information.
attributes
recipes
templates
CHANGELOG.md
README.md
metadata.rb

README.md

Description

Installs and configures sshd.

Attributes

  • node['openssh'][port] - array of ports that sshd listens on, default [ "22" ]
  • node['openssh']['listen_address'] - array of IPs that sshd listens on, default [ "0.0.0.0" ]
  • node['openssh']['permit_root_login'] - can root ssh in, default "yes"
  • node['openssh']['x11_forwarding] - allow x11 forwarding, default "no"
  • node['openssh']['password_authentication'] - can users login with passwords instead of keys, default "yes"

MaxStartups specifies the maximum number of concurrent unauthenticated connections to the sshd daemon. Random early drop can be enabled by specifying three values:

  • node['openssh']['maxstartups']['start'] - if there are currently "start" unauthenticated connections (default 10)
  • node['openssh']['maxstartups']['rate'] - sshd will refuse connection attempts with a probability of "rate/100" (default 30)
  • node['openssh']['maxstartups']['full'] - all connection attempts are refused if the number of unauthenticated connections reaches "full" (default 60)
Something went wrong with that request. Please try again.