Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions

basessh: do not add new host key on pkgs01*

Browse source 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
This commit is contained in:
Kevin Fenzi 2020-11-03 16:32:16 -08:00
parent f2e70b89bf
commit 84a7bbe56e
1 changed files with 4 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

4
roles/basessh/templates/sshd_config
View file

@ -13,10 +13,14 @@ MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@op
{% endif %}
HostKey /etc/ssh/ssh_host_rsa_key
{% if ansible_hostname != 'pkgs01' %}
HostKey /etc/ssh/ssh_host_ed25519_key
{% endif %}
HostCertificate /etc/ssh/ssh_host_rsa_key-cert.pub
{% if ansible_hostname != 'pkgs01' %}
HostCertificate /etc/ssh/ssh_host_ed25519_key-cert.pub
{% endif %}
SyslogFacility AUTHPRIV
LogLevel VERBOSE