From c74da7f021bb5467564c2e60511e53f3a30847c5 Mon Sep 17 00:00:00 2001
From: Russ Allbery <rra@stanford.edu>
Date: Tue, 13 Aug 2013 14:51:42 -0700
Subject: [PATCH] Move ListenAddress to the top of sshd_config

This should be next to the port configuration, since it's related,
and is important enough that it needs to be at the top of the file
so that it can be easily found.  It also doesn't make sense after
per-user settings.
---
 templates/ssh/sshd_config.erb | 22 +++++++++++-----------
 1 file changed, 11 insertions(+), 11 deletions(-)

diff --git a/templates/ssh/sshd_config.erb b/templates/ssh/sshd_config.erb
index 373a136..78b784f 100644
--- a/templates/ssh/sshd_config.erb
+++ b/templates/ssh/sshd_config.erb
@@ -4,6 +4,17 @@
 # GSS-API.  It will eventually become the default.  The default configuration
 # values that we don't change are omitted from this file.
 
+<%
+  if (listen_addresses != 'all')
+    # Split the addresses at the commas.
+    addresses = listen_addresses.split(',')
+    addresses.each do |address|
+-%>
+ListenAddress <%= address %>
+<%
+    end
+  end
+-%>
 Port 22
 Protocol 2
 <% if operatingsystem == 'RedHat' then -%>
@@ -79,14 +90,3 @@ Subsystem sftp /usr/lib/openssh/sftp-server
 Match User gitolite
     ForceCommand /usr/share/gitolite/gitolite-wrapper
 <% end -%>
-<%
-  if (listen_addresses != 'all')
-    # Split the addresses at the commas.
-    addresses = listen_addresses.split(',')
-    addresses.each do |address|
--%>
-ListenAddress <%= address %>
-<%
-    end
-  end
--%>
-- 
GitLab