-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathpillar.example
58 lines (41 loc) · 1.94 KB
/
pillar.example
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
authd:
lookup:
package: authd
service: auth.socket
unit: auth@
user: ident
path: /usr/sbin/in.authd
# Timeout in seconds
timeout: 60
# Send more helpful error messages for rare errors
extended_errors: True
# False: Reply with UNIX OS, True: Use OS gathered from uname, String: Return string as OS value
uname: True
# False: return plaintext username, True: Encrypt the username with AES-128-CBC, String: Cipherspec
crypt_username: True
# Use /etc/ident.key to read the crypto key from. Default if unspecified is /etc/ident.key
pwdfile: /etc/ident.key
# Cryptokey/Passphrase to use for username encryption. If specified, it'll be rolled out to the pwdfile by salt.
passphrase: MySemiSecurePassPhraseThatWillBeStoredPlaintextOnTheMachine
# True: Hide users with ~/[.noident] file, False: Do not hide users, String: Hide users with string value file
noident: .hideident
# True: Show users with ~/[.ident] file, False: Do not show users, String: Show users with string value file
ident: False
# False: Show real username, True: show nobody as user, String: Show string value as connection owner
username: False
# Be verbose when answering, add timestamp and ip addresses as well.
verbose: False
# Use DNS and Service name resolving for verbose answers. Will slow down the service
resolve: False
# Close connection instead of returning an error
no_errors: False
# Return UNKNOWN-ERROR instead of more detailed INVALID-PORT, NO-USER, and HIDDEN-USER messages
no_error_detail: False
# Only return numerical user IDs instead of usernames
uid_only: False
# Instead of the real operating system return only OTHER.
other_os: False
# True: Return full gecos field, False: Only username, integer: Number of gecos fields returned starting at 1
gecos: False
# In case a username or gecos entry is outside the ASCII range, define the charset to indicate to the remote client.
charset: UTF-8