如何使用 puppet 模块修改 SSH 配置文件
[英]How to modify a SSH configuration file using a puppet module
问题描述
I am trying to modify a SSH configuration file to remove the arcfour , arcfour 128 and arcfour 256 algorithms in the /etc/ssh/sshd_config on 186 linux servers using puppet.
我正在尝试修改 SSH 配置文件,以使用 puppet 在 186 linux 服务器上的/etc/ssh/sshd_config删除arcfour 、 arcfour 128和arcfour 256算法。 Basically, I am doing a find and replace to remove those three algorithm types in the sshd_config file.基本上,我正在执行查找和替换以删除sshd_config文件中的这三种算法类型。 I created a module called SSH_Test and am wondering what my next steps would be.我创建了一个名为SSH_Test的模块,并想知道我接下来的步骤是什么。 I think I can use these resources, but I am unsure where to put them, and I am not sure if they are right我想我可以使用这些资源,但我不确定把它们放在哪里,我不确定它们是否正确
file_line { 'Ciphers':
path => '/etc/ssh/sshd_config',
line => 'arcfour, arcfour128, arcfour256',
match => '',
}
New configuration from below comment来自下面评论的新配置
node default {
file { '/etc/motd':
owner => 'root',
group => 'root',
mode => '0644',
content => "\nAll hail the knife crab\n"
}
}
1 个解决方案
解决方案1
1 2016-10-05 20:50:06
Following the documentation for file_line provided here: https://forge.puppet.com/puppetlabs/stdlib/types遵循此处提供的file_line文档: https : file_line
we have the following resource:我们有以下资源:
file_line { 'Ciphers':
ensure => absent,
path => '/etc/ssh/sshd_config',
match => '.*arcfour.*',
multiple => true,
match_for_absence => true,
}
ensure to remove the line, path for the specified file, match for the lines to match with a regexp, multiple because you want this to act on multiple lines in a file, and match_for_absence so that the lines are removed when matched. ensure删除指定文件的行, path ,匹配与正则表达式match的行, multiple因为您希望它作用于文件中的多行,以及match_for_absence以便在匹配时删除这些行。
If you are using Puppet >= 4.0, or 3.8 with the future parser, then this can be made more precise and cleaner with a lambda.如果您在未来的解析器中使用 Puppet >= 4.0 或 3.8,那么可以使用 lambda 使其更精确和更清晰。 Let me know if you are.如果你是,请告诉我。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.