Alexander Weidinger
5 年前
+ 1
- 1
openssh/config.sls
查看文件
| @@ -36,7 +36,7 @@ ssh_config: | |||
| {%- endif %} | |||
| {% endif %} | |||
| {%- for keyType in ['ecdsa', 'dsa', 'rsa', 'ed25519'] %} | |||
| {%- for keyType in openssh['host_key_algos'].split(',') %} | |||
| {%- set keyFile = "/etc/ssh/ssh_host_" ~ keyType ~ "_key" %} | |||
| {%- set keySize = salt['pillar.get']('openssh:generate_' ~ keyType ~ '_size', False) %} | |||
| {%- if salt['pillar.get']('openssh:provide_' ~ keyType ~ '_keys', False) %} | |||
+ 4
- 0
openssh/defaults.yaml
查看文件
| @@ -19,6 +19,10 @@ openssh: | |||
| dig_pkg: dnsutils | |||
| ssh_moduli: /etc/ssh/moduli | |||
| root_group: root | |||
| # Prevent merge of array; always override values | |||
| host_key_algos: ecdsa,ed25519,rsa | |||
| # To manage/remove DSA: | |||
| #host_key_algos: dsa,ecdsa,ed25519,rsa | |||
| sshd_config: {} | |||
| ssh_config: {} | |||
正在加载...