Add Fedora support

Based on RedHat 7 with few modifications (ed25519 hostkey for F22,
GSSAPICleanupCredentials defaults to no, s/LC_TYPE/LC_CTYPE/ in
AcceptEnv).

Tested on Fedora 20 & 22.
This commit is contained in:
jitakirin 2015-06-26 10:23:42 +01:00
parent 89d44d947f
commit e6d8ba264c
4 changed files with 56 additions and 0 deletions

View file

@ -32,6 +32,7 @@ Tested on:
* Debian wheezy, jessie * Debian wheezy, jessie
* FreeBSD 10.1 * FreeBSD 10.1
* EL 6,7 derived distributions * EL 6,7 derived distributions
* Fedora 20, 22
It will likely work on other flavours and more direct support via suitable It will likely work on other flavours and more direct support via suitable
[vars/](vars/) files is welcome. [vars/](vars/) files is welcome.

View file

@ -21,6 +21,10 @@ galaxy_info:
versions: versions:
- 6 - 6
- 7 - 7
- name: Fedora
versions:
- 20
- 22
categories: categories:
- networking - networking
- system - system

25
vars/Fedora.yml Normal file
View file

@ -0,0 +1,25 @@
---
sshd_packages:
- openssh
- openssh-server
sshd_sftp_server: /usr/libexec/openssh/sftp-server
sshd_defaults:
HostKey:
- /etc/ssh/ssh_host_rsa_key
- /etc/ssh/ssh_host_ecdsa_key
SyslogFacility: AUTHPRIV
AuthorizedKeysFile: .ssh/authorized_keys
PasswordAuthentication: yes
ChallengeResponseAuthentication: no
GSSAPIAuthentication: yes
GSSAPICleanupCredentials: no
UsePAM: yes
X11Forwarding: yes
UsePrivilegeSeparation: sandbox
AcceptEnv:
- LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
- LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
- LC_IDENTIFICATION LC_ALL LANGUAGE
- XMODIFIERS
Subsystem: "sftp {{ sshd_sftp_server }}"
sshd_os_supported: yes

26
vars/Fedora_22.yml Normal file
View file

@ -0,0 +1,26 @@
---
sshd_packages:
- openssh
- openssh-server
sshd_sftp_server: /usr/libexec/openssh/sftp-server
sshd_defaults:
HostKey:
- /etc/ssh/ssh_host_rsa_key
- /etc/ssh/ssh_host_ecdsa_key
- /etc/ssh/ssh_host_ed25519_key
SyslogFacility: AUTHPRIV
AuthorizedKeysFile: .ssh/authorized_keys
PasswordAuthentication: yes
ChallengeResponseAuthentication: no
GSSAPIAuthentication: yes
GSSAPICleanupCredentials: no
UsePAM: yes
X11Forwarding: yes
UsePrivilegeSeparation: sandbox
AcceptEnv:
- LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
- LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
- LC_IDENTIFICATION LC_ALL LANGUAGE
- XMODIFIERS
Subsystem: "sftp {{ sshd_sftp_server }}"
sshd_os_supported: yes