This file is used to list changes made in each version of the openssh cookbook.
Standardise files with files in sous-chefs/repo-management
Standardise files with files in sous-chefs/repo-management
Standardise files with files in sous-chefs/repo-management
- fix sshd-keygen command location for Amazon Linux 2023
- resolved cookstyle error: attributes/default.rb:120:58 refactor:
Chef/RedundantCode/MultiplePlatformChecks
Standardise files with files in sous-chefs/repo-management
- Disable PAM option on Windows
- Add Windows Support
Standardise files with files in sous-chefs/repo-management
Standardise files with files in sous-chefs/repo-management
Standardise files with files in sous-chefs/repo-management
Standardise files with files in sous-chefs/repo-management
Standardise files with files in sous-chefs/repo-management
Standardise files with files in sous-chefs/repo-management
Remove delivery
Standardise files with files in sous-chefs/repo-management
Standardise files with files in sous-chefs/repo-management
Standardise files with files in sous-chefs/repo-management
Standardise files with files in sous-chefs/repo-management
- Standardise files with files in sous-chefs/repo-management
- Remove delivery folder
- Update tested platforms
- Improved sorting of Match objects in sshd_config
- Standardise files with files in sous-chefs/repo-management
- Standardise files with files in sous-chefs/repo-management
- Sous Chefs Adoption
- Cookstyle fixes
- Expand platform testing to the latest platforms - @tas50
- Move template files out of the default directory - @tas50
- Remove deprecated recipe and long_description metadata - @tas50
- Remove EOL opensuse platform from the metadata - @tas50
- Cookstyle fixes in the library - @tas50
- Add RHEL 8 docker container support - @tas50
- This release greatly improves the default attributes on openSUSE/SLES systems
- Update test kitchen config - @tas50
- Add code owners file - @tas50
- Cookstyle fixes - @tas50
- Remove testing of EOL Ubuntu 14.04 - @tas50
- Move the service name to a helper - @tas50
- Fix the roaming test for Amazon Linux 2 - @tas50
- Add opensuseleap 15 testing and Chef 14 testing - @tas50
- Disable roaming on SLES 15 as well - @tas50
- Support generating ssh keys in opensuse 15 containers - @tas50
- Move use_roaming attribute default logic to a helper - @tas50
- Configure the subystem properly on SUSE platform family - @tas50
- Move ssh host key determination to a helper with SLES 15 support - @tas50
- Make sure we return true when supported - @tas50
- Modernize the specs for the new ChefSpec release - @tas50
- Add platform version helpers for readability - @tas50
- Default specs to 18.04 - @tas50
- Avoid FC warning - @tas50
- Disable opensuse 15 testing for now - @tas50
- Add support for multiple subsystems
- Use template verify property instead of notify to handle configuration verification so we don't ever template out a non-functional config
- Add support for array values under a host hash and added indentation for host values
- Support Amazon Linux 2 in containers
- Swap Chef 12 testing for Chef 14 testing
- Create the privilege separation directory on debian/ubuntu, which is not always there on Docker images
- Add Ubuntu 18.04 testing
- Generate missing ssh keys on amazon linux as well. This impacts containers where ssh keys have not already been generated
- Fixed trusted user CA key documentation
- Collapse the smartos hostkey attributes into the centos 6 attributes since they were the same values
- Make sure the hostkey attribute works when RHEL 8 comes out by not constraining the version check too much
- Run sshd-keygen on Fedora / CentOS 7 when host keys are missing. Why would keys be missing? Well if you've never run sshd then you don't have keys on RHEL/Fedora. This happens primarily when you try to Chef a container
- Add Testing on Chef 12 to Travis so we test both 12 and 13
- Move the flat helper methods into an actual library that is properly loaded
- Added TrustedUserCAKeys and RevokedKeys support
- Enabled Foodcritic FC024 again
- Generate keys on systemd boxes before validating configs by starting sshd-keygen service if it exists. This prevents failures in docker
- Use multipackage installs to install client/server packages to speed up the chef run
- Add Debian 9 testing in Travis
- Add more platforms to Chefspecs, avoid deprecation warnings, and greatly speed up specs
- Fix a bug that resulted in RHEL 6 cert paths being incorrect and expanded testing to check ssh login behavior not just config validation.
- Config fixes for the sshd config on Amazon Linux
- Use the correct ssh host keys on RHEL 6
- Use the right sftp subsystem on Debian and Fedora
- Make sure the hostkeys are set on Debian/Ubuntu
- Fix AIX service to skip enable since AIX does not support enable
- Add basic AIX support
- Test with Local Delivery instead of Rake
- Initial Amazon Linux support for Chef 13
- Fix for sftp on rhel
- Add all supported SUSE releases to the readme and metadata
- Add support for multiple sshd ports.
- Switch to kitchen-dokken for integration testing in Travis CI
- EL7 intentionally lacks of auto-gen'd DSA key
- Fix commented default for ciphers and macs
- Add chef_version metadata
- Remove hostnames from the templates
- Basic Mac OS support
- Avoid node.set deprecation warnings
- Require Chef 12.1+
- Fix inspec tests
- Remove the service provider logic that isn't necessary in Chef 12
- Set the sftp subsystem on Ubuntu
- Don't set the Roaming No directive on RHEL systems before 7.0 as they ship with a sshd release which does not handle this directive
- Depend on the newer iptables cookbook, which bumps the required Chef release for this cookbook to 12.0+
- Restored sshd restarting post config change
- Removed the default['openssh']['rootgroup'] attribute and instead use root_group which was introduced in Chef 11.6.0
- UseRoaming no is now set in the client config to resolve CVE-2016-0777 and CVE-2016-0778
- Converted bats integration test to 2 suites of Inspec tests
- Added a libary to sort sshd_config entries while keeping port at the top to prevent sshd from failing to start
- Use the complete path to sshd when verifying the config file since sbin may not be in the path
- Perform a config syntax check before restarting the sshd so we don't break remote access to hosts
- Add support for Ubuntu 15.04+ with systemd
- Added a chefignore file
- Added Gitter badge for asking questions in a Gitter chat room
- 42 - Fixed support for SmartOS
- 46 - Correct ArchLinux service name
- 43 - Correct OpenSSH server package name on RHEL, Fedora
- 31 - Allow included iptables rule to use the same port number if defined in attributes.
- 41 - Fix default recipe order
- 47 - Fix up iptables rule
- 49 - Fixed the print_last_log attribute in the Readme
- Updated Test Kitchen config with all supported platforms
- Updated Test Kitchen / Foodcritic / Rubocop / Berkshelf depedencies in the Gemfile
- Replaced Travis Ruby 1.9.3/2.0.0 testing with 2.1.5/2.2.0
- Resolved all Rubocop warnings
- [COOK-4576] - No way to override
AuthorizedKeysFile
- [COOK-4584] - Use Upstart on Ubuntu 12.04
- [COOK-4585] - skip match block in template if empty or unset
- [COOK-4586] OpenSSH Gentoo support
- COOK-3995 - sshd_config template needs ordering
- COOK-3910 - ssh fails to start in Ubuntu 13.10
- COOK-2073 - Add support for Match block
- COOK-3644 - Add FreeBSD support
- COOK-2517 - Add hash support
- COOK-2000 - Make mode of sshd_config a configurable option
- COOK-3304 - Fix error setting Dynamic
ListenAddresses
- [COOK-2647]:
port_ssh
iptables template has no corresponding recipe
- [COOK-2225] - Add platform_family suse
- [COOK-1954] - Fix attribute camel case to match
man sshd_config
- [COOK-1889] - SSH restarting on each chef run due to template changes
- [COOK-1663] - Configurable ListenAddress based off list of interface names
- [COOK-1685] - Make default sshd_config value more robust
- [COOK-1014] - Templates for ssh(d).conf files.
- Current public release