Adoptable Cookbooks List

Looking for a cookbook to adopt? You can now see a list of cookbooks available for adoption!
List of Adoptable Cookbooks

Supermarket Belongs to the Community

Supermarket belongs to the community. While Chef has the responsibility to keep it running and be stewards of its functionality, what it does and how it works is driven by the community. The chef/supermarket repository will continue to be where development of the Supermarket application takes place. Come be part of shaping the direction of Supermarket by opening issues and pull requests or by joining us on the Chef Mailing List.

Select Badges

Select Supported Platforms

Select Status


r1337-sshconfig (7) Versions 0.1.1

Configure OpenSSH with standard or hardened settings

cookbook 'r1337-sshconfig', '= 0.1.1', :supermarket
cookbook 'r1337-sshconfig', '= 0.1.1'
knife supermarket install r1337-sshconfig
knife supermarket download r1337-sshconfig
Quality 29%

Chef Cookbook - r1337-sshconfig

This Chef cookbook will configure SSH on Linux servers to be compliant with Route 1337 security policies. There are a few versions of the configuration depending on the recipe that is chosen

SSH Config Recipes

  1. standardssh.rb is the standard recipe suitable for use on internal LANs or where networks are trusted to be secured
  2. hardenedssh.rb is a recipe for use in DMZs or other networks where sophisticated attacks are either expected, or where more stringent policies exist

Changes Performed

  1. Configures OpenSSH server with custom security settings depending on recipe selected.
  2. Ensures OpenSSH is installed, configured and enabled/running


  1. Chef (Tested on Chef 13)
  2. Linux chef-clients (Tested on Ubuntu 14.04, Ubuntu 16.04 and CentOS 7.2 but kitchen will let you test anything you want)
  3. The openssh cookbook from Chef Supermarket

Installation Tips

  1. We personally use Berks to install this into Chef servers, because it will grab the dependencies for you as well.
  2. You must set the attribute ['r1337-sshconfig']['sshpolicy'] to hardened if you want something stronger than the default. For most people the default is fine.


  1. None so far :)

Known Issues

  1. None so far :)

Bug Fixes & Changes

  1. v0.1.1
    1. Set AllowTcpForwarding no on the Hardened configuration
  2. v0.1.0
    1. Initial release

Use Cases

Configuring SSH as part of a base security requirement

Route 1337, LLC operates entirely on donations. If you find this cookbook useful, please consider donating via one of these methods.

  1. Bitcoin: 1CnzzrPh3iirEkLRLiWFKXDV9i5TXHQjE2
  2. Bitcoin Cash: qzcq645swgd87s7t5mmmjcumf4armhtjt5euww5c29
  3. Litecoin: LWYbc9hf5ErJsF874Q3wwmMiASHRWgwrjR
  4. Ethereum: 0x117543aa7a4D704849171cA06568Ece71B111D18

Thank you for your support!

Dependent cookbooks

openssh >= 0.0.0

Contingent cookbooks

There are no cookbooks that are contingent upon this one.

Collaborator Number Metric

0.1.1 failed this metric

Failure: Cookbook has 1 collaborators. A cookbook must have at least 2 collaborators to pass this metric.

Contributing File Metric

0.1.1 failed this metric

Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of, and your repo must contain a file

Foodcritic Metric

0.1.1 failed this metric

FC069: Ensure standardized license defined in metadata: r1337-sshconfig/metadata.rb:1
Run with Foodcritic Version 12.3.0 with tags metadata,correctness ~FC031 ~FC045 and failure tags any

License Metric

0.1.1 failed this metric

r1337-sshconfig does not have a valid open source license.
Acceptable licenses include Apache-2.0, apachev2, Apache 2.0, MIT, mit, GPL-2.0, gplv2, GNU Public License 2.0, GPL-3.0, gplv3, GNU Public License 3.0.

No Binaries Metric

0.1.1 passed this metric

Testing File Metric

0.1.1 failed this metric

Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of, and your repo must contain a file

Version Tag Metric

0.1.1 passed this metric