mirror of
https://github.com/willshersystems/ansible-sshd
synced 2024-11-10 21:53:30 +01:00
32de8c803a
Currently only supported Fedora distributions are 22 and 23, and they both ship openssh 7.1p1 which supports all 'rsa', 'ecdsa' and 'ed25519' keys, turn them on by default.
26 lines
767 B
YAML
26 lines
767 B
YAML
---
|
|
sshd_packages:
|
|
- openssh
|
|
- openssh-server
|
|
sshd_sftp_server: /usr/libexec/openssh/sftp-server
|
|
sshd_defaults:
|
|
HostKey:
|
|
- /etc/ssh/ssh_host_rsa_key
|
|
- /etc/ssh/ssh_host_ecdsa_key
|
|
- /etc/ssh/ssh_host_ed25519_key
|
|
SyslogFacility: AUTHPRIV
|
|
AuthorizedKeysFile: .ssh/authorized_keys
|
|
PasswordAuthentication: yes
|
|
ChallengeResponseAuthentication: no
|
|
GSSAPIAuthentication: yes
|
|
GSSAPICleanupCredentials: no
|
|
UsePAM: yes
|
|
X11Forwarding: yes
|
|
UsePrivilegeSeparation: sandbox
|
|
AcceptEnv:
|
|
- LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
|
|
- LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
|
|
- LC_IDENTIFICATION LC_ALL LANGUAGE
|
|
- XMODIFIERS
|
|
Subsystem: "sftp {{ sshd_sftp_server }}"
|
|
sshd_os_supported: yes
|