summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--services/main.cf2
-rw-r--r--services/sshd.cf33
-rw-r--r--templates/sshd/authorized_keys3
3 files changed, 38 insertions, 0 deletions
diff --git a/services/main.cf b/services/main.cf
index 4c2b022..5d994b3 100644
--- a/services/main.cf
+++ b/services/main.cf
@@ -7,12 +7,14 @@ bundle common classify
"check_mk",
"flavour",
"julien",
+ "sshd",
};
"inputs" slist => {
"services/check_mk.cf",
"services/common.cf",
"services/$(flavour).cf",
"services/julien.cf",
+ "services/sshd.cf",
};
debian::
"flavour" string => "debian";
diff --git a/services/sshd.cf b/services/sshd.cf
new file mode 100644
index 0000000..da602a1
--- /dev/null
+++ b/services/sshd.cf
@@ -0,0 +1,33 @@
+bundle agent sshd
+{
+ files:
+ freebsd::
+ "/etc/rc.conf"
+ create => "true",
+ edit_defaults => std_defs,
+ perms => system_owned("444"),
+ edit_line => append_if_no_line("sshd_enable=\"YES\""),
+ classes => if_repaired("sshd_rc_conf_file_repaired");
+ "/root/.ssh/."
+ create => "true",
+ perms => system_owned("700"),
+ classes => if_repaired("sshd_ssh_dir_repaired");
+ "/root/.ssh/authorized_keys"
+ create => "true",
+ edit_defaults => empty,
+ perms => system_owned("444"),
+ edit_template => "$(sys.inputdir)/templates/sshd/authorized_keys",
+ classes => if_repaired("sshd_authorized_keys_files_repaired");
+ classes:
+ freebsd::
+ "sshd_service_running" expression => returnszero("/usr/sbin/service sshd status", "noshell");
+ commands:
+ freebsd.!sshd_service_running::
+ "/usr/sbin/service sshd start" classes => if_repaired("sshd_service_repaired");
+ reports:
+ any::
+ "$(this.bundle): /etc/rc.conf repaired" ifvarclass => "sshd_rc_conf_file_repaired";
+ "$(this.bundle): /root/.ssh directory repaired" ifvarclass => "sshd_ssh_dir_repaired";
+ "$(this.bundle): /root/.ssh/authorized_keys repaired" ifvarclass => "sshd_rc_conf_file_repaired";
+ "$(this.bundle): sshd service repaired" ifvarclass => "sshd_service_repaired";
+}
diff --git a/templates/sshd/authorized_keys b/templates/sshd/authorized_keys
new file mode 100644
index 0000000..d3f7f5a
--- /dev/null
+++ b/templates/sshd/authorized_keys
@@ -0,0 +1,3 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDN1ha6PFKgxF3MSWUlDaruVVpj3UzoiN4IJEvDrCnDbIW8xu+TclbeGJSRXXBbqRKeUfhX0GDA7cvSUIAz2U7AGK7wq5tbzJKagVYtxcSHBSi6dZR9KGb3eoshnrCeFzem1jWXG02PZJGvjB+ml3QhUguyAqm9q0n/NL6zzKhGoKiELO+tQghGIY8jafRv4rE4yyXZnwuCu8JI9P8ldGhKgOPeOdKIVTIVezUmKILWgAF+Hg7O72rQqUua9sdoK1mEYme/wgu0bQbvN26owGgBAgS3uc2nngLD01TZToG/wC1wH9A3KxT6+3akjRlPfLOY0BuK4OBGEGm6e0KZrIMhUr8fHQ8nmTmBqw7puI0gIXYB2EjhpsQ7TijYVqLYXbyxaXYyqisgY0QRWC7Te5Io6TSgorfXzi7zrcQGgWByHkhxTylf36LYSKWEheIQIRqytOdGqeXagFMz2ptLFKk4dA61LS5fPXIJucdghvnmLPml8cO9/9VHQ7gq7DxQu7sIwt/W13yTTUyI9DSHwxeHUwECzxAb5pOVL6pRjTMH8q1/eAMl35TFSh6s5tGvvHGz9+gMlE9A2Pv8CyXDBmXV6srrwxTSlglnmgdq6c9w3VtBKu572/z0cS6vqZMgEno4rIiwyhqNWdjbMXYw/U0q/w5XC9zCcSuluxvaY14qqQ== perso
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDCMgVz9WSgj4sWL4NjWEY3Mhb/D3Uw5JGUMHVqRd4SBqpP+SAw9i9AWtQSInsae0izx1NOEOOhSG7LQ3ocByXp+37opqo3xFibwWLoLimOXX2F9mnbR+AIhoFuojni0Wi7OlGVtq9rk5Di6VbrCeOG0zLMtBOn3X876f6bbdlGOm99yBVJi7bpU38Btiln+HkCwkoeFr0cOiIZ7LUFe/h6yk8S4IAq7TC90iznIbJUVdY/ap4FcxtEarmX8xAmUhq6ENYD9m5S51hcsvBwx4f00q2NBdi/3radwIZ5GrwzcRG+oPMQYe9Rr2y5Te+KKOzrJ3nuQdtTd7zZYDp4uEK7Wp/gCmfNEaylVJ6zsd6dda5SVsx03+XwhUq62yRaohUypCikVe9ygZ17jM/x4PG4OsFa7HiFjZ1FR83ETO7A5VR+FBb/ApRjjMCp7KqRWReQLSe3w66QXkS8dNsZMtH5ZAzsyzRrg0B5TQjtgyWyy358PCNwtQyqNUsl4xP7flnF53TvW9xfnBkJ8k72l/jMMFh1GJTyrBvHPI+WxVs6mV63XdUXTJSgQqE0k8fG2qBjaSfCbIlyeE6+9JyhFbtgVTo4jCqcwP+ZAWdiEAYU4eoaE7Rx5eFa0/iTw0uFAteDmXsCpJgf8rwIhRPuQHv4wzjFzaw+3qvA0/aDI83RGw== q10
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDMdBAFjENiPMTtq90GT3+NZ68nfGxQiRExaYYnLzm1ecmulCvsuA4AOpeLY6f+FWe+ludiw7nhrXzssDdsKBy0QL+XQyvjjjW4X+k9MYhP1gAWXEOGJnjJ/1ovEsMt++6fLyNKLUTA46kErbEehDs22r+rIiEKatrn0BNrJcRI94H44oEL1/ImzVam0cSBL0tPiaJxe60sBs7M76zfyFtVdMGkeuBpS7ee+FLA58fsS3/sEZmkas8MT0QdvZz1y/66MknXYbIaqDSOUACXGF4yVKpogLRRJ1SgNo1Ujo/U3VOR1O4CiQczsZOcbSdjgl0x3fJb7BaIxrZy9iW2I7G/L/chfTvRws+x1s1y5FNZOOiXMCdZjhgLaRwb6p5gMsMVn9sJbhDjmejcAkBKQDkzbvxxhfVkH225FoVXA9YF0msWLyOEyZQYbA8autLDJsAOT5RDfw/G82DQBufAPEBR/bPby0Hl5kjqW75bpSVxDvzmKwt3EpITg9iuYEhvYZ/Zq5qC1UJ54ZfOvaf0PsTUzFePty6ve/JzfxCV1XgFQ+B8l4NSz11loDfNXSUngf7lL4qu5X4aN6WmLFO1YbyFlfpvt3K1CekJmWVeE5mV9EFTUJ4ParVWRGiA4W+zaCOsHgRkcGkp4eYGyWW8gOR/lVxYU2IFl9mbMrC9bkdRbQ== hurricane