mirror of
https://github.com/willshersystems/ansible-sshd
synced 2024-11-10 05:33:29 +01:00
dd820d1c24
This is useful during provisioning, when the keys were not generated by sshd-keygen service or similar principles depending on operating system. This is also helpful when running this role in containers, where is no service running either. The keys are generally readable only by root, but in RHEL and Fedora, they are readable also by group ssh_keys, which is used for hostbased authentication. This should fix #111
13 lines
408 B
YAML
13 lines
408 B
YAML
---
|
|
sshd_packages:
|
|
- openssh
|
|
- openssh-server
|
|
sshd_sftp_server: /usr/libexec/openssh/sftp-server
|
|
# Fedora 32 ships with drop-in directory support so we touch
|
|
# just included file with highest priority by default and have
|
|
# empty defaults
|
|
sshd_config_file: /etc/ssh/sshd_config.d/00-ansible_system_role.conf
|
|
__sshd_defaults:
|
|
__sshd_os_supported: yes
|
|
sshd_hostkey_group: ssh_keys
|
|
sshd_hostkey_mode: "0640"
|