From 32de8c803ad4f81640b194c5b2d7f6e52113d9a0 Mon Sep 17 00:00:00 2001 From: Martin Stefany Date: Sat, 9 Jan 2016 16:27:35 +0100 Subject: [PATCH 1/4] Add ed25519 key to default Fedora.yml Currently only supported Fedora distributions are 22 and 23, and they both ship openssh 7.1p1 which supports all 'rsa', 'ecdsa' and 'ed25519' keys, turn them on by default. --- vars/Fedora.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/vars/Fedora.yml b/vars/Fedora.yml index aeafd85..883a028 100644 --- a/vars/Fedora.yml +++ b/vars/Fedora.yml @@ -7,6 +7,7 @@ sshd_defaults: HostKey: - /etc/ssh/ssh_host_rsa_key - /etc/ssh/ssh_host_ecdsa_key + - /etc/ssh/ssh_host_ed25519_key SyslogFacility: AUTHPRIV AuthorizedKeysFile: .ssh/authorized_keys PasswordAuthentication: yes From ee74b9611f36cd6226b7ae7c3566ba98dd7ac8b9 Mon Sep 17 00:00:00 2001 From: Martin Stefany Date: Sat, 9 Jan 2016 16:28:51 +0100 Subject: [PATCH 2/4] Remove Fedora_22.yml Remove Fedora_22.yml since it matches 'default' Fedora.yml list of HostKeys. --- vars/Fedora_22.yml | 26 -------------------------- 1 file changed, 26 deletions(-) delete mode 100644 vars/Fedora_22.yml diff --git a/vars/Fedora_22.yml b/vars/Fedora_22.yml deleted file mode 100644 index 883a028..0000000 --- a/vars/Fedora_22.yml +++ /dev/null @@ -1,26 +0,0 @@ ---- -sshd_packages: - - openssh - - openssh-server -sshd_sftp_server: /usr/libexec/openssh/sftp-server -sshd_defaults: - HostKey: - - /etc/ssh/ssh_host_rsa_key - - /etc/ssh/ssh_host_ecdsa_key - - /etc/ssh/ssh_host_ed25519_key - SyslogFacility: AUTHPRIV - AuthorizedKeysFile: .ssh/authorized_keys - PasswordAuthentication: yes - ChallengeResponseAuthentication: no - GSSAPIAuthentication: yes - GSSAPICleanupCredentials: no - UsePAM: yes - X11Forwarding: yes - UsePrivilegeSeparation: sandbox - AcceptEnv: - - LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES - - LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT - - LC_IDENTIFICATION LC_ALL LANGUAGE - - XMODIFIERS - Subsystem: "sftp {{ sshd_sftp_server }}" -sshd_os_supported: yes From 97124cf594e334a8b5da10a2ec7e015e9fdf922e Mon Sep 17 00:00:00 2001 From: Martin Stefany Date: Sat, 9 Jan 2016 22:39:29 +0100 Subject: [PATCH 3/4] Update meta/main.yml Remove Fedora 20 from platforms and add Fedora 23. --- meta/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/main.yml b/meta/main.yml index ce10ca7..9c526fd 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -23,8 +23,8 @@ galaxy_info: - 7 - name: Fedora versions: - - 20 - 22 + - 23 categories: - networking - system From 7b2a86117ba89723df12cd83f33dcdf56e47f4ac Mon Sep 17 00:00:00 2001 From: Martin Stefany Date: Sun, 10 Jan 2016 14:29:24 +0100 Subject: [PATCH 4/4] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 992d94d..ec31705 100644 --- a/README.md +++ b/README.md @@ -32,7 +32,7 @@ Tested on: * Debian wheezy, jessie * FreeBSD 10.1 * EL 6,7 derived distributions -* Fedora 20, 22 +* Fedora 22, 23 It will likely work on other flavours and more direct support via suitable [vars/](vars/) files is welcome.