Ensure sshd_config syntax is correct if value is set for ssh_permit_tunnel

Richard Vodden · Richard Vodden · commit 4317dff1229d · 2025-02-04T13:45:13.000Z
diff --git a/roles/ssh_hardening/templates/opensshd.conf.j2 b/roles/ssh_hardening/templates/opensshd.conf.j2
@@ -206,7 +206,7 @@ ClientAliveInterval {{ ssh_client_alive_interval }}
 ClientAliveCountMax {{ ssh_client_alive_count }}
 
 # Disable tunneling
-PermitTunnel {{ ssh_permit_tunnel }}
+PermitTunnel {{ 'yes' if (ssh_permit_tunnel|bool) else 'no' }}
 
 # Disable forwarding tcp connections.
 # no real advantage without denied shell access
