I'm trying to use the puppet-ssh-hardening module to provide a secure sshd_config to my servers. I'm using Hiera to manage my config.
When using saz-ssh I can add config in hiera as shown in the example:
ssh::server_options:
Protocol: '2'
ListenAddress:
- '127.0.0.0'
- '%{::hostname}'
PasswordAuthentication: 'yes'
SyslogFacility: 'AUTHPRIV'
UsePAM: 'yes'
X11Forwarding: 'yes'
When I try to do this using ssh-hardening it doesn't work, not when using include ssh_hardening, nor when using something like:
$ssh = lookup('ssh', Hash, 'hash')
class { 'ssh_hardening':
server_options => {
* => $ssh[server_options],
}```
How can I correctly make Hiera override default settings in this module?
I'm trying to use the puppet-ssh-hardening module to provide a secure
sshd_configto my servers. I'm using Hiera to manage my config.When using saz-ssh I can add config in hiera as shown in the example:
When I try to do this using ssh-hardening it doesn't work, not when using
include ssh_hardening, nor when using something like: