From 17d62ba9158bf909d4c23919447aa5df40de7f9f Mon Sep 17 00:00:00 2001 From: Tom Hughes Date: Tue, 16 Jun 2020 20:20:52 +0100 Subject: [PATCH 1/1] Revert to default ssh client configuration The HP ILO cards that needed custom configuration are long gone. --- .../openssh/templates/default/ssh_config.erb | 54 ++++++++++++++++--- 1 file changed, 46 insertions(+), 8 deletions(-) diff --git a/cookbooks/openssh/templates/default/ssh_config.erb b/cookbooks/openssh/templates/default/ssh_config.erb index d1e425eb3..2e1c9604f 100644 --- a/cookbooks/openssh/templates/default/ssh_config.erb +++ b/cookbooks/openssh/templates/default/ssh_config.erb @@ -1,13 +1,51 @@ -# DO NOT EDIT - This file is being maintained by Chef + +# This is the ssh client system-wide configuration file. See +# ssh_config(5) for more information. This file provides defaults for +# users, and the values can be changed in per-user configuration files +# or on the command line. + +# Configuration data is parsed as follows: +# 1. command line options +# 2. user-specific file +# 3. system-wide file +# Any configuration value is only changed the first time it is set. +# Thus, host-specific definitions should be at the beginning of the +# configuration file, and defaults at the end. + +# Site-wide defaults for some commonly used options. For a comprehensive +# list of available options, their meanings and defaults, please see the +# ssh_config(5) man page. Host * +# ForwardAgent no +# ForwardX11 no +# ForwardX11Trusted yes +# PasswordAuthentication yes +# HostbasedAuthentication no +# GSSAPIAuthentication no +# GSSAPIDelegateCredentials no +# GSSAPIKeyExchange no +# GSSAPITrustDNS no +# BatchMode no +# CheckHostIP yes +# AddressFamily any +# ConnectTimeout 0 +# StrictHostKeyChecking ask +# IdentityFile ~/.ssh/id_rsa +# IdentityFile ~/.ssh/id_dsa +# IdentityFile ~/.ssh/id_ecdsa +# IdentityFile ~/.ssh/id_ed25519 +# Port 22 +# Protocol 2 +# Ciphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc +# MACs hmac-md5,hmac-sha1,umac-64@openssh.com +# EscapeChar ~ +# Tunnel no +# TunnelDevice any:any +# PermitLocalCommand no +# VisualHostKey no +# ProxyCommand ssh -q -W %h:%p gateway.example.com +# RekeyLimit 1G 1h SendEnv LANG LC_* HashKnownHosts yes GSSAPIAuthentication yes - GSSAPIDelegateCredentials no - -Host *.oob - HostKeyAlgorithms ssh-rsa,ssh-dss - -Host *.oob.openstreetmap.org - HostKeyAlgorithms ssh-rsa,ssh-dss -- 2.45.2