Feature add: generate host keys with ssh-keygen

This commit is contained in:
Johan Fleury 2015-11-05 09:22:22 +01:00
parent b3df4fae54
commit 51859586a9
3 changed files with 24 additions and 0 deletions

View file

@ -62,6 +62,18 @@ If set to False, a reload of sshd wont happen on change. This can help with
troubleshooting. You'll need to manually reload sshd if you want to apply the
changed configuration. Defaults to the same value as ``sshd_manage_service``.
* sshd_generate_host_keys
If set to True, host keys will be generated with ``ssh-keygen -A``. Defaults to
*False*.
* sshd_regenerate_host_keys
This options implies ``sshd_generate_host_keys``.
If set to True, host keys will be deleted and and rengenerated with
``ssh-keygen -A``. Defaults to *False*.
* sshd
A dict containing configuration. e.g.

View file

@ -9,6 +9,10 @@ sshd_manage_service: "{{ false if ansible_virtualization_type == 'docker' else t
sshd_allow_reload: "{{ sshd_manage_service }}"
# If the below is false, don't manage /var/run/sshd directory
sshd_manage_var_run: "{{ false if ansible_os_family == 'RedHat' and ansible_distribution_major_version == '7' else true }}"
# Don't generate host keys
sshd_generate_host_keys: false
# Don't regenerate host keys
sshd_regenerate_host_keys: false
# Empty dicts to avoid errors
sshd: {}

View file

@ -34,6 +34,14 @@
tags:
- sshd
- name: Remove existing host keys
shell: rm -f /etc/ssh/ssh_host_*
when: sshd_regenerate_host_keys
- name: Generate host keys
shell: ssh-keygen -A
when: sshd_generate_host_keys or sshd_regenerate_host_keys
- name: Configuration
template:
src: sshd_config.j2