From b29f5a76be5dd8c6dbe6f6a141dd9e482aa71340 Mon Sep 17 00:00:00 2001
From: Patrick Uiterwijk <puiterwijk@redhat.com>
Date: Wed, 12 Apr 2017 18:24:37 +0000
Subject: [PATCH] Allow ECDSA and ED25519 SSH keys for non-infra

Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
---
 roles/fas_server/templates/fas.cfg.j2 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/fas_server/templates/fas.cfg.j2 b/roles/fas_server/templates/fas.cfg.j2
index c2b53d5b9f..4a0fe96fab 100644
--- a/roles/fas_server/templates/fas.cfg.j2
+++ b/roles/fas_server/templates/fas.cfg.j2
@@ -83,7 +83,7 @@ username_blacklist = "abuse,accounts,adm,admin,amanda,apache,askfedora,asterisk,
 email_domain_blacklist = "{{ fas_blocked_emails }}"
 
 # Valid SSH Key
-valid_ssh_key = "rsa,ssh-rsa,ecdsa,ecdsa-sha2"
+valid_ssh_key = "rsa,ssh-rsa,ssh-ed25519,ecdsa-sha2-nistp256"
 
 # admingroup has powers to change anything in the fas UI
 admingroup = 'accounts'