content => template('sshd/sshd_config.erb'), } Port 22 Protocol 2 AllowUsers david pessoa chris rob wes Compression yes ... <% if @duoSecKey and @duoIntKey and @duoHost %> ForceCommand /usr/sbin/login_duo PermitTunnel no AllowTcpForwarding no <% end %>