From 27a21881d45e22b1e896741aaa5ee1c0cdfef918 Mon Sep 17 00:00:00 2001 From: Patrick Uiterwijk Date: Mon, 8 Apr 2019 18:56:01 +0200 Subject: [PATCH] basessh: Make keyhelper explicit Signed-off-by: Patrick Uiterwijk --- inventory/group_vars/all | 1 + inventory/group_vars/pagure | 1 + inventory/group_vars/pagure-stg | 1 + roles/basessh/templates/sshd_config | 2 +- 4 files changed, 4 insertions(+), 1 deletion(-) diff --git a/inventory/group_vars/all b/inventory/group_vars/all index df151feb4d..721b2f300e 100644 --- a/inventory/group_vars/all +++ b/inventory/group_vars/all @@ -258,6 +258,7 @@ ipa_admin_password: "{{ ipa_prod_admin_password }}" # Normal default sshd port is 22 sshd_port: 22 +sshd_keyhelper: false # List of names under which the host is available ssh_hostnames: [] diff --git a/inventory/group_vars/pagure b/inventory/group_vars/pagure index 2bb8330ad6..d044a8c7d6 100644 --- a/inventory/group_vars/pagure +++ b/inventory/group_vars/pagure @@ -19,6 +19,7 @@ stunnel_source_port: 8088 stunnel_destination_port: 8080 sshd_config: ssh/sshd_config.pagure +sshd_keyhelper: true # These are consumed by a task in roles/fedmsg/base/main.yml fedmsg_certs: diff --git a/inventory/group_vars/pagure-stg b/inventory/group_vars/pagure-stg index 8a16748dc1..a859eca633 100644 --- a/inventory/group_vars/pagure-stg +++ b/inventory/group_vars/pagure-stg @@ -18,6 +18,7 @@ stunnel_source_port: 8088 stunnel_destination_port: 8080 sshd_config: ssh/sshd_config.pagure +sshd_keyhelper: true # These are consumed by a task in roles/fedmsg/base/main.yml fedmsg_certs: diff --git a/roles/basessh/templates/sshd_config b/roles/basessh/templates/sshd_config index 689ef481f4..517fe4d2b2 100644 --- a/roles/basessh/templates/sshd_config +++ b/roles/basessh/templates/sshd_config @@ -39,7 +39,7 @@ AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE AcceptEnv XMODIFIERS -{% if sshd_config == "pagure" %} +{% if sshd_keyhelper %} # For repospanner/git AuthorizedKeysCommandUser git AuthorizedKeysCommand /usr/libexec/pagure/keyhelper.py "%u" "%h" "%t" "%f"