5.1.2. HOWTO Disable SSH Management
To remove from the client nodes only:
--- simp::classes: - '--ssh'
To remove from the client nodes and SIMP server:
--- simp::classes: - '--ssh' simp::server::classes: - '--ssh'
ssh class also removes the
iptables rule that allows
connections to sshd. However, if the
svckill class (from the
simp/svckill Puppet module) is also included in your SIMP scenario, it
will not automatically kill sshd when you cease management of the SSH
configuration. This is because sshd has been whitelisted by
svckill::ignore_defaults. So, if you want
svckill to kill running
sshd services, you must add the following to your Hiera configuration:
--- svckill::ignore: - '--sshd'
'--ssh' knockout prefix above cannot prevent
being classified if it is included directly from Puppet code (e.g.,
include 'ssh') or by an ENC. However, you can stop managing the
SSH client and server configurations with the following Hiera configuration:
--- ssh::enable_client: false ssh::enable_server: false