Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Allow ssh_allow_tcp_forwarding to be a boolean #600

Merged
merged 2 commits into from
Nov 23, 2022

Conversation

crisbal
Copy link
Contributor

@crisbal crisbal commented Nov 14, 2022

After spending some time trying to figure out why I could not set ssh_allow_tcp_forwarding: true I have decided to update the code to allow it.

This patch will keep supporting all the other use cases, for example it will keep to return "no" for an unknown value.

This has probably bit many people in the past and was also discussed in #330

@crisbal crisbal force-pushed the crisbal/ssh-tcp-forward branch from bdfa31b to 686351e Compare November 14, 2022 13:17
@@ -64,7 +64,7 @@ As this role requires root-privileges, we added `become: true` to all tasks. So
- Description: Disable root-login. Set to `'without-password'` or `'yes'` to enable root-login - The quotes are required!
- `ssh_allow_tcp_forwarding`
- Default: `no`
- Description: `'no'` to disable TCP Forwarding. Set to `'yes'` to allow TCP Forwarding. If you are using OpenSSH >= 6.2 version, you can specify `'yes'`, `'no'`, `'all'`, `'local'`or`'remote'`. <br> _Note_: values passed to this variable must be strings, thus values `'yes'`and`'no'` should be passed with quotes.
- Description: `'no'` to disable TCP Forwarding. Set to `'yes'` to allow TCP Forwarding. If you are using OpenSSH >= 6.2 version, you can specify `'yes'`, `'no'`, `'all'`, `'local'`or`'remote'`. Can also be set to `true` for `'yes'` or `false` for `'no'`.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
- Description: `'no'` to disable TCP Forwarding. Set to `'yes'` to allow TCP Forwarding. If you are using OpenSSH >= 6.2 version, you can specify `'yes'`, `'no'`, `'all'`, `'local'`or`'remote'`. Can also be set to `true` for `'yes'` or `false` for `'no'`.
- Description: `'no'` or `False` to disable TCP Forwarding. Set to `'yes'` or `True` to allow TCP Forwarding. If you are using OpenSSH >= 6.2 version, you can specify `'yes'`, `'no'`, `'all'`, `'local'`or`'remote'`.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I have changed it as you suggested. Thanks :D

@rndmh3ro
Copy link
Member

LGTM, one minor change in the docs.
If you want to, you can also use the ternary-filter.

@crisbal crisbal force-pushed the crisbal/ssh-tcp-forward branch from 686351e to d36e530 Compare November 22, 2022 07:24
@rndmh3ro rndmh3ro merged commit 7d1da63 into dev-sec:master Nov 23, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants