diff options
| -rw-r--r-- | services/main.cf | 2 | ||||
| -rw-r--r-- | services/sshd.cf | 33 | ||||
| -rw-r--r-- | templates/sshd/authorized_keys | 3 |
3 files changed, 38 insertions, 0 deletions
diff --git a/services/main.cf b/services/main.cf index 4c2b022..5d994b3 100644 --- a/services/main.cf +++ b/services/main.cf @@ -7,12 +7,14 @@ bundle common classify "check_mk", "flavour", "julien", + "sshd", }; "inputs" slist => { "services/check_mk.cf", "services/common.cf", "services/$(flavour).cf", "services/julien.cf", + "services/sshd.cf", }; debian:: "flavour" string => "debian"; diff --git a/services/sshd.cf b/services/sshd.cf new file mode 100644 index 0000000..da602a1 --- /dev/null +++ b/services/sshd.cf @@ -0,0 +1,33 @@ +bundle agent sshd +{ + files: + freebsd:: + "/etc/rc.conf" + create => "true", + edit_defaults => std_defs, + perms => system_owned("444"), + edit_line => append_if_no_line("sshd_enable=\"YES\""), + classes => if_repaired("sshd_rc_conf_file_repaired"); + "/root/.ssh/." + create => "true", + perms => system_owned("700"), + classes => if_repaired("sshd_ssh_dir_repaired"); + "/root/.ssh/authorized_keys" + create => "true", + edit_defaults => empty, + perms => system_owned("444"), + edit_template => "$(sys.inputdir)/templates/sshd/authorized_keys", + classes => if_repaired("sshd_authorized_keys_files_repaired"); + classes: + freebsd:: + "sshd_service_running" expression => returnszero("/usr/sbin/service sshd status", "noshell"); + commands: + freebsd.!sshd_service_running:: + "/usr/sbin/service sshd start" classes => if_repaired("sshd_service_repaired"); + reports: + any:: + "$(this.bundle): /etc/rc.conf repaired" ifvarclass => "sshd_rc_conf_file_repaired"; + "$(this.bundle): /root/.ssh directory repaired" ifvarclass => "sshd_ssh_dir_repaired"; + "$(this.bundle): /root/.ssh/authorized_keys repaired" ifvarclass => "sshd_rc_conf_file_repaired"; + "$(this.bundle): sshd service repaired" ifvarclass => "sshd_service_repaired"; +} diff --git a/templates/sshd/authorized_keys b/templates/sshd/authorized_keys new file mode 100644 index 0000000..d3f7f5a --- /dev/null +++ b/templates/sshd/authorized_keys @@ -0,0 +1,3 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDN1ha6PFKgxF3MSWUlDaruVVpj3UzoiN4IJEvDrCnDbIW8xu+TclbeGJSRXXBbqRKeUfhX0GDA7cvSUIAz2U7AGK7wq5tbzJKagVYtxcSHBSi6dZR9KGb3eoshnrCeFzem1jWXG02PZJGvjB+ml3QhUguyAqm9q0n/NL6zzKhGoKiELO+tQghGIY8jafRv4rE4yyXZnwuCu8JI9P8ldGhKgOPeOdKIVTIVezUmKILWgAF+Hg7O72rQqUua9sdoK1mEYme/wgu0bQbvN26owGgBAgS3uc2nngLD01TZToG/wC1wH9A3KxT6+3akjRlPfLOY0BuK4OBGEGm6e0KZrIMhUr8fHQ8nmTmBqw7puI0gIXYB2EjhpsQ7TijYVqLYXbyxaXYyqisgY0QRWC7Te5Io6TSgorfXzi7zrcQGgWByHkhxTylf36LYSKWEheIQIRqytOdGqeXagFMz2ptLFKk4dA61LS5fPXIJucdghvnmLPml8cO9/9VHQ7gq7DxQu7sIwt/W13yTTUyI9DSHwxeHUwECzxAb5pOVL6pRjTMH8q1/eAMl35TFSh6s5tGvvHGz9+gMlE9A2Pv8CyXDBmXV6srrwxTSlglnmgdq6c9w3VtBKu572/z0cS6vqZMgEno4rIiwyhqNWdjbMXYw/U0q/w5XC9zCcSuluxvaY14qqQ== perso +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDCMgVz9WSgj4sWL4NjWEY3Mhb/D3Uw5JGUMHVqRd4SBqpP+SAw9i9AWtQSInsae0izx1NOEOOhSG7LQ3ocByXp+37opqo3xFibwWLoLimOXX2F9mnbR+AIhoFuojni0Wi7OlGVtq9rk5Di6VbrCeOG0zLMtBOn3X876f6bbdlGOm99yBVJi7bpU38Btiln+HkCwkoeFr0cOiIZ7LUFe/h6yk8S4IAq7TC90iznIbJUVdY/ap4FcxtEarmX8xAmUhq6ENYD9m5S51hcsvBwx4f00q2NBdi/3radwIZ5GrwzcRG+oPMQYe9Rr2y5Te+KKOzrJ3nuQdtTd7zZYDp4uEK7Wp/gCmfNEaylVJ6zsd6dda5SVsx03+XwhUq62yRaohUypCikVe9ygZ17jM/x4PG4OsFa7HiFjZ1FR83ETO7A5VR+FBb/ApRjjMCp7KqRWReQLSe3w66QXkS8dNsZMtH5ZAzsyzRrg0B5TQjtgyWyy358PCNwtQyqNUsl4xP7flnF53TvW9xfnBkJ8k72l/jMMFh1GJTyrBvHPI+WxVs6mV63XdUXTJSgQqE0k8fG2qBjaSfCbIlyeE6+9JyhFbtgVTo4jCqcwP+ZAWdiEAYU4eoaE7Rx5eFa0/iTw0uFAteDmXsCpJgf8rwIhRPuQHv4wzjFzaw+3qvA0/aDI83RGw== q10 +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDMdBAFjENiPMTtq90GT3+NZ68nfGxQiRExaYYnLzm1ecmulCvsuA4AOpeLY6f+FWe+ludiw7nhrXzssDdsKBy0QL+XQyvjjjW4X+k9MYhP1gAWXEOGJnjJ/1ovEsMt++6fLyNKLUTA46kErbEehDs22r+rIiEKatrn0BNrJcRI94H44oEL1/ImzVam0cSBL0tPiaJxe60sBs7M76zfyFtVdMGkeuBpS7ee+FLA58fsS3/sEZmkas8MT0QdvZz1y/66MknXYbIaqDSOUACXGF4yVKpogLRRJ1SgNo1Ujo/U3VOR1O4CiQczsZOcbSdjgl0x3fJb7BaIxrZy9iW2I7G/L/chfTvRws+x1s1y5FNZOOiXMCdZjhgLaRwb6p5gMsMVn9sJbhDjmejcAkBKQDkzbvxxhfVkH225FoVXA9YF0msWLyOEyZQYbA8autLDJsAOT5RDfw/G82DQBufAPEBR/bPby0Hl5kjqW75bpSVxDvzmKwt3EpITg9iuYEhvYZ/Zq5qC1UJ54ZfOvaf0PsTUzFePty6ve/JzfxCV1XgFQ+B8l4NSz11loDfNXSUngf7lL4qu5X4aN6WmLFO1YbyFlfpvt3K1CekJmWVeE5mV9EFTUJ4ParVWRGiA4W+zaCOsHgRkcGkp4eYGyWW8gOR/lVxYU2IFl9mbMrC9bkdRbQ== hurricane |