Showing with 32 additions and 9 deletions.
  1. +1 −1 Modulefile
  2. +7 −1 README.md
  3. +1 −1 manifests/init.pp
  4. +23 −6 spec/classes/init_spec.rb
2 changes: 1 addition & 1 deletion Modulefile
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
name 'ghoneycutt-ssh'
version '3.2.1'
version '3.3.0'
source 'git://github.com/ghoneycutt/puppet-module-ssh.git'
author 'ghoneycutt'
license 'Apache License, Version 2.0'
Expand Down
8 changes: 7 additions & 1 deletion README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -114,7 +114,7 @@ sshd_config_challenge_resp_auth
-------------------------------
ChallengeResponseAuthentication option in sshd_config.

- *Default*: 'no'
- *Default*: 'yes'

sshd_config_print_motd
----------------------
Expand Down Expand Up @@ -286,6 +286,12 @@ ssh::keys:
user: root
type: dsa
key: AAAA...==
apachehup:
ensure: present
user: apachehup
type: rsa
key: 'AAAA...=='
options: 'command="/sbin/service httpd restart"'
root_for_userY:
ensure: absent
user: root
Expand Down
2 changes: 1 addition & 1 deletion manifests/init.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@
$sshd_config_port = '22',
$sshd_config_syslog_facility = 'AUTH',
$sshd_config_login_grace_time = '120',
$sshd_config_challenge_resp_auth = 'no',
$sshd_config_challenge_resp_auth = 'yes',
$sshd_config_print_motd = 'yes',
$sshd_config_use_dns = 'yes',
$sshd_config_banner = 'none',
Expand Down
29 changes: 23 additions & 6 deletions spec/classes/init_spec.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -53,7 +53,7 @@
it { should contain_file('sshd_config').with_content(/^SyslogFacility AUTH$/) }
it { should contain_file('sshd_config').with_content(/^LoginGraceTime 120$/) }
it { should contain_file('sshd_config').with_content(/^PermitRootLogin yes$/) }
it { should contain_file('sshd_config').with_content(/^ChallengeResponseAuthentication no$/) }
it { should contain_file('sshd_config').with_content(/^ChallengeResponseAuthentication yes$/) }
it { should contain_file('sshd_config').with_content(/^PrintMotd yes$/) }
it { should contain_file('sshd_config').with_content(/^UseDNS yes$/) }
it { should contain_file('sshd_config').with_content(/^Banner none$/) }
Expand Down Expand Up @@ -135,7 +135,7 @@
it { should contain_file('sshd_config').with_content(/^SyslogFacility AUTH$/) }
it { should contain_file('sshd_config').with_content(/^LoginGraceTime 120$/) }
it { should contain_file('sshd_config').with_content(/^PermitRootLogin yes$/) }
it { should contain_file('sshd_config').with_content(/^ChallengeResponseAuthentication no$/) }
it { should contain_file('sshd_config').with_content(/^ChallengeResponseAuthentication yes$/) }
it { should contain_file('sshd_config').with_content(/^PrintMotd yes$/) }
it { should contain_file('sshd_config').with_content(/^UseDNS yes$/) }
it { should contain_file('sshd_config').with_content(/^Banner none$/) }
Expand Down Expand Up @@ -218,7 +218,7 @@
it { should contain_file('sshd_config').with_content(/^SyslogFacility AUTH$/) }
it { should contain_file('sshd_config').with_content(/^LoginGraceTime 120$/) }
it { should contain_file('sshd_config').with_content(/^PermitRootLogin yes$/) }
it { should contain_file('sshd_config').with_content(/^ChallengeResponseAuthentication no$/) }
it { should contain_file('sshd_config').with_content(/^ChallengeResponseAuthentication yes$/) }
it { should contain_file('sshd_config').with_content(/^PrintMotd yes$/) }
it { should contain_file('sshd_config').with_content(/^UseDNS yes$/) }
it { should contain_file('sshd_config').with_content(/^Banner none$/) }
Expand Down Expand Up @@ -301,7 +301,7 @@
it { should contain_file('sshd_config').with_content(/^SyslogFacility AUTH$/) }
it { should contain_file('sshd_config').with_content(/^LoginGraceTime 120$/) }
it { should contain_file('sshd_config').with_content(/^PermitRootLogin yes$/) }
it { should contain_file('sshd_config').with_content(/^ChallengeResponseAuthentication no$/) }
it { should contain_file('sshd_config').with_content(/^ChallengeResponseAuthentication yes$/) }
it { should contain_file('sshd_config').with_content(/^PrintMotd yes$/) }
it { should contain_file('sshd_config').with_content(/^UseDNS yes$/) }
it { should contain_file('sshd_config').with_content(/^Banner none$/) }
Expand Down Expand Up @@ -401,7 +401,7 @@
:sshd_config_syslog_facility => 'DAEMON',
:sshd_config_login_grace_time => '60',
:permit_root_login => 'no',
:sshd_config_challenge_resp_auth => 'yes',
:sshd_config_challenge_resp_auth => 'no',
:sshd_config_print_motd => 'no',
:sshd_config_use_dns => 'no',
:sshd_config_banner => '/etc/sshd_banner',
Expand Down Expand Up @@ -430,7 +430,7 @@
it { should contain_file('sshd_config').with_content(/^SyslogFacility DAEMON$/) }
it { should contain_file('sshd_config').with_content(/^LoginGraceTime 60$/) }
it { should contain_file('sshd_config').with_content(/^PermitRootLogin no$/) }
it { should contain_file('sshd_config').with_content(/^ChallengeResponseAuthentication yes$/) }
it { should contain_file('sshd_config').with_content(/^ChallengeResponseAuthentication no$/) }
it { should contain_file('sshd_config').with_content(/^PrintMotd no$/) }
it { should contain_file('sshd_config').with_content(/^UseDNS no$/) }
it { should contain_file('sshd_config').with_content(/^Banner \/etc\/sshd_banner$/) }
Expand Down Expand Up @@ -688,6 +688,13 @@
'type' => 'dsa',
'key' => 'AAAA==',
},
'apache_hup' => {
'ensure' => 'present',
'user' => 'apachehup',
'type' => 'dsa',
'key' => 'AAAA==',
'options' => 'command="/sbin/service httpd restart"',
},
'root_for_userY' => {
'ensure' => 'absent',
'user' => 'root',
Expand All @@ -703,6 +710,16 @@
})
}

it {
should contain_ssh_authorized_key('apache_hup').with({
'ensure' => 'present',
'user' => 'apachehup',
'type' => 'dsa',
'key' => 'AAAA==',
'options' => 'command="/sbin/service httpd restart"',
})
}

it {
should contain_ssh_authorized_key('root_for_userY').with({
'ensure' => 'absent',
Expand Down