Layer: services

Module: ssh

Description:

Secure shell client and server policy.

Interfaces:

ssh_dontaudit_read_server_keys(
	
		domain
		
	)

Summary

Read ssh server keys

Parameters

Parameter:	Description:	Optional:
domain	The type of the process performing this action.	No

Return

Templates:

ssh_per_userdomain_template(
	
		userdomain_prefix
		
			,
		
		user_domain
		
			,
		
		user_role
		
	)

Summary

The per user domain template for the ssh module.

Description

This template creates a derived domains which are used for ssh client sessions and user ssh agents. A derived type is also created to protect the user ssh keys.

This template is invoked automatically for each user, and generally does not need to be invoked directly by policy writers.

Parameters

Parameter:	Description:	Optional:
userdomain_prefix	The prefix of the user domain (e.g., user is the prefix for user_t).	No
user_domain	The type of the user domain.	No
user_role	The role associated with the user domain.	No

ssh_server_template(
	
		userdomain_prefix
		
	)

Summary

The template to define a ssh server.

Description

This template creates a domains to be used for creating a ssh server. This is typically done to have multiple ssh servers of different sensitivities, such as for an internal network-facing ssh server, and a external network-facing ssh server.

Parameters

Parameter:	Description:	Optional:
userdomain_prefix	The prefix of the server domain (e.g., sshd is the prefix for sshd_t).	No

Return