Cliff Wakefield cliff-wakefield

## global.yaml
ssh::permit_root_login: 'no'
ssh::sshd_use_pam: 'yes'
ssh::sshd_config_strictmodes: 'yes'

## gist:d65c3405634d1e1014fa698f4d316e7e
# diff /tmp/sshd_config.bak /etc/ssh/sshd_config
1,2c1,2
< # Package generated configuration file
< # See the sshd_config(5) manpage for details
---
> # This file is being maintained by Puppet.
> # DO NOT EDIT
4c4,16
< # What ports, IPs and protocols we listen for
---

## gist:ed6c4868c4e40a6167f2fc39b8eb6a1e
# diff /tmp/ssh_config.bak /etc/ssh/ssh_config
0a1,4
> # This file is being maintained by Puppet.
> # DO NOT EDIT
>
> # $OpenBSD: ssh_config,v 1.21 2005/12/06 22:38:27 reyk Exp $
19c23
< Host *
---
> # Host *

## gist:b232ef51799908a0264eb7e95af09092
# facter -p
2016-08-28 23:24:56.390247 WARN  puppetlabs.facter - skipping external facts for "/opt/puppetlabs/puppet/cache/facts.d": No such file or directory
aio_agent_version => 1.6.1
augeas => {
  version => "1.4.0"
}
disks => {
  xvda => {
    size => "8.00 GiB",
    size_bytes => 8589934592

## gist:42fb93b8cf7b53c2c55b6ae9d84986c1
# apt show puppet-agent
Package: puppet-agent
Version: 1.6.1-1xenial
Priority: optional
Section: admin
Maintainer: Puppet Labs <info@puppetlabs.com>
Installed-Size: 82.0 MB
Provides: cfacter, facter, hiera, mcollective, mcollective-client, mcollective-common, puppet, puppet-common
Depends: tar, libreadline6
Breaks: cfacter (<< 0.5.0), facter (<< 3.0.0), hiera (<< 2.0.0), mcollective (<< 3.0.0), mcollective-client (<< 3.0.0), mcollective-common (<< 3.0.0), mcollective-doc, pe-agent, pe-augeas, pe-cloud-provisioner, pe-cloud-provisioner-libs, pe-facter, pe-hiera, pe-libldap, pe-libyaml, pe-mcollective, pe-mcollective-client, pe-mcollective-common, pe-openssl, pe-puppet, pe-puppet-enterprise-release (<< 4.0.0), pe-puppetserver-common (<< 4.0.0), pe-ruby, pe-ruby-augeas, pe-ruby-ldap, pe-ruby-mysql, pe-ruby-rgen, pe-ruby-shadow, pe-ruby-stomp, pe-rubygem-deep-merge, pe-rubygem-gem2rpm, pe-rubygem-net-ssh, pe-rubygems, pe-virt-what, puppet (<< 4.0.0), puppet-common (<< 4.0.0)

## sshd_config
# Package generated configuration file
# See the sshd_config(5) manpage for details

# What ports, IPs and protocols we listen for
Port 22
# Use these options to restrict which interfaces/protocols sshd will bind to
#ListenAddress ::
#ListenAddress 0.0.0.0
Protocol 2
# HostKeys for protocol version 2

## ssh_config
# This is the ssh client system-wide configuration file.  See
# ssh_config(5) for more information.  This file provides defaults for
# users, and the values can be changed in per-user configuration files
# or on the command line.

# Configuration data is parsed as follows:
#  1. command line options
#  2. user-specific file
#  3. system-wide file
# Any configuration value is only changed the first time it is set.
	ssh::permit_root_login: 'no'
	ssh::sshd_use_pam: 'yes'
	ssh::sshd_config_strictmodes: 'yes'
	# diff /tmp/sshd_config.bak /etc/ssh/sshd_config
	1,2c1,2
	< # Package generated configuration file
	< # See the sshd_config(5) manpage for details
	---
	> # This file is being maintained by Puppet.
	> # DO NOT EDIT
	4c4,16
	< # What ports, IPs and protocols we listen for
	---
	# diff /tmp/ssh_config.bak /etc/ssh/ssh_config
	0a1,4
	> # This file is being maintained by Puppet.
	> # DO NOT EDIT
	>
	> # $OpenBSD: ssh_config,v 1.21 2005/12/06 22:38:27 reyk Exp $
	19c23
	< Host *
	---
	> # Host *
	# facter -p
	2016-08-28 23:24:56.390247 WARN puppetlabs.facter - skipping external facts for "/opt/puppetlabs/puppet/cache/facts.d": No such file or directory
	aio_agent_version => 1.6.1
	augeas => {
	version => "1.4.0"
	}
	disks => {
	xvda => {
	size => "8.00 GiB",
	size_bytes => 8589934592
	# apt show puppet-agent
	Package: puppet-agent
	Version: 1.6.1-1xenial
	Priority: optional
	Section: admin
	Maintainer: Puppet Labs <info@puppetlabs.com>
	Installed-Size: 82.0 MB
	Provides: cfacter, facter, hiera, mcollective, mcollective-client, mcollective-common, puppet, puppet-common
	Depends: tar, libreadline6
	Breaks: cfacter (<< 0.5.0), facter (<< 3.0.0), hiera (<< 2.0.0), mcollective (<< 3.0.0), mcollective-client (<< 3.0.0), mcollective-common (<< 3.0.0), mcollective-doc, pe-agent, pe-augeas, pe-cloud-provisioner, pe-cloud-provisioner-libs, pe-facter, pe-hiera, pe-libldap, pe-libyaml, pe-mcollective, pe-mcollective-client, pe-mcollective-common, pe-openssl, pe-puppet, pe-puppet-enterprise-release (<< 4.0.0), pe-puppetserver-common (<< 4.0.0), pe-ruby, pe-ruby-augeas, pe-ruby-ldap, pe-ruby-mysql, pe-ruby-rgen, pe-ruby-shadow, pe-ruby-stomp, pe-rubygem-deep-merge, pe-rubygem-gem2rpm, pe-rubygem-net-ssh, pe-rubygems, pe-virt-what, puppet (<< 4.0.0), puppet-common (<< 4.0.0)
	# Package generated configuration file
	# See the sshd_config(5) manpage for details

	# What ports, IPs and protocols we listen for
	Port 22
	# Use these options to restrict which interfaces/protocols sshd will bind to
	#ListenAddress ::
	#ListenAddress 0.0.0.0
	Protocol 2
	# HostKeys for protocol version 2
	# This is the ssh client system-wide configuration file. See
	# ssh_config(5) for more information. This file provides defaults for
	# users, and the values can be changed in per-user configuration files
	# or on the command line.

	# Configuration data is parsed as follows:
	# 1. command line options
	# 2. user-specific file
	# 3. system-wide file
	# Any configuration value is only changed the first time it is set.