Config-Model-OpenSsh
4 results

 view release on metacpan or  search on metacpan

lib/Config/Model/models/Sshd/MatchElement.pl  view on Meta::CPAN 

        'description' => "B<PermitListen>Specifies the addresses/ports
on which a remote TCP port forwarding may listen. The listen
specification must be one of the following forms:B<PermitListen>I<port> B<
PermitListen> I<host>:I<port>Multiple
permissions may be specified by separating them with
whitespace. An argument of B<any> can be used to remove
all restrictions and permit any listen requests. An argument
of B<none> can be used to prohibit all listen requests.
The host name may contain wildcards as described in the
PATTERNS section in L<ssh_config(5)>. The wildcard
\x{2019}*\x{2019} can also be used in place of a port number
to allow all ports. By default all port forwarding listen
requests are permitted. Note that the B<GatewayPorts>
option may further restrict which addresses may be listened
on. Note also that L<ssh(1)> will request a listen host of
\x{201c}localhost\x{201d} if no listen host was specifically
requested, and this this name is treated differently to
explicit localhost addresses of \x{201c}127.0.0.1\x{201d} and
\x{201c}::1\x{201d}.",
        'type' => 'list'
      },
      'PermitOpen',
      {
        'cargo' => {
          'type' => 'leaf',
          'value_type' => 'uniline'
        },
        'description' => "B<PermitOpen>Specifies the destinations to
which TCP port forwarding is permitted. The forwarding
specification must be one of the following forms:B<PermitOpen>I<host>:I<port> B<
PermitOpen> I<IPv4_addr>:I<port> B<
PermitOpen> I<[IPv6_addr]>:I<port>Multiple
forwards may be specified by separating them with
whitespace. An argument of B<any> can be used to remove
all restrictions and permit any forwarding requests. An
argument of B<none> can be used to prohibit all
forwarding requests. The wildcard \x{2019}*\x{2019} can be
used for host or port to allow all hosts or ports,
respectively. By default all port forwarding requests are
permitted.",
        'type' => 'list'
      },
      'PermitRootLogin',
      {
        'choice' => [
          'yes',
          'prohibit-password',
          'forced-commands-only',
          'no'
        ],
        'description' => 'B<PermitRootLogin>Specifies whether root can log
in using L<ssh(1)>. The argument must be B<yes>,
B<prohibit-password>, B<forced-commands-only>, or
B<no>. The default is B<prohibit-password>.If this option
is set to B<prohibit-password> (or its deprecated alias,
B<without-password>), password and keyboard-interactive
authentication are disabled for root.If this option
is set to B<forced-commands-only>, root login with
public key authentication will be allowed, but only if the
I<command> option has been specified (which may be
useful for taking remote backups even if root login is
normally not allowed). All other authentication methods are
disabled for root.If this option
is set to B<no>, root is not allowed to log in.',
        'type' => 'leaf',
        'value_type' => 'enum'
      },
      'PermitTTY',
      {
        'description' => 'B<PermitTTY>Specifies whether L<pty(4)>
allocation is permitted. The default is B<yes>.',
        'type' => 'leaf',
        'upstream_default' => 'yes',
        'value_type' => 'boolean',
        'write_as' => [
          'no',
          'yes'
        ]
      },
      'PermitTunnel',
      {
        'choice' => [
          'yes',
          'point-to-point',
          'ethernet',
          'no'
        ],
        'description' => 'B<PermitTunnel>Specifies whether L<tun(4)> device
forwarding is allowed. The argument must be B<yes>,
B<point-to-point> (layer 3), B<ethernet> (layer 2),
or B<no>. Specifying B<yes> permits both
B<point-to-point> and B<ethernet>. The default is
B<no>.Independent of
this setting, the permissions of the selected L<tun(4)> device
must allow access to the user.',
        'type' => 'leaf',
        'upstream_default' => 'no',
        'value_type' => 'enum'
      },
      'PermitUserRC',
      {
        'description' => 'B<PermitUserRC>Specifies whether any
I<~/.ssh/rc> file is executed. The default is
B<yes>.',
        'type' => 'leaf',
        'upstream_default' => 'yes',
        'value_type' => 'boolean',
        'write_as' => [
          'no',
          'yes'
        ]
      },
      'PubkeyAcceptedKeyTypes',
      {
        'description' => "B<PubkeyAcceptedKeyTypes>Specifies the key types that
will be accepted for public key authentication as a list of
comma-separated patterns. Alternately if the specified value
begins with a \x{2019}+\x{2019} character, then the specified
key types will be appended to the default set instead of
replacing them. If the specified value begins with a
\x{2019}-\x{2019} character, then the specified key types



( run in 2.316 seconds using v1.01-cache-2.11-cpan-5b529ec07f3 )