- Overview
- Module Description - What the module does and why it is useful
- Setup - The basics of getting started with ssh
- Usage - Configuration options and additional functionality
- Reference - An under-the-hood peek at what the module is doing and how
- Limitations - OS compatibility, etc.
- Development - Guide for contributing to the module
一个简单管理ssh的puppet模块
此模块仅对ssh服务进行安装、简单配置并管理其运行状态;此模块不提供删除ssh的功能。
- openssh package
- openssh configuration
- openssh service
由于模块在安装ssh包的时候会用到源,请使用之前确认软件源正常工作
If you just want server and client being installed and use with default option
node 'node1.bw-y.com' {
class { '::ssh': }
}
If you want managed ssh certain options:
node 'node1.bw-y.com' {
class { '::ssh':
sshd_port => [ '22', '22022' ],
sshd_servers => [ '192.168.0.11', '10.0.0.11' ],
sshd_usedns => 'no',
ssh_gssapiauth => 'no',
ssh_ssh_firstcheck => 'no',
}
}
- ssh: Main class, includes all other classes.
- ssh::install currently install openssh
- ssh::config manages configuration
- ssh::service manages service
The following parameters are available in the ::ssh class:
配置一个或多个ssh服务的监听端口. 有效数据类型: 数组. 默认值: [ '22' ]
配置一个或多个ssh服务的监听IP. 有效数据类型: 数组. 默认值: [ '0.0.0.0' ]
ssh DNS解析. 有效值 no:关闭;yes:开启. 默认值 no
是否开启内置sftp, 有效值 true:开启 false:不开启 默认值: false
ssh客户端的GSSAPI认证,关闭可以提升ssh连接速度。 有效值 no:关闭;yes:开启. 默认值 no
ssh客户端首次连接时是否询问yes/no,关闭则不询问。 有效值 no:关闭;yes:开启. 默认值 no
执行顺序,见stdlib::stages
目前仅支持系统如: rhel/centos(5/6) , ubuntu(10.04/12.04/14.04)