diff options
Diffstat (limited to 'ansible/ssh-dev.yml')
| -rw-r--r-- | ansible/ssh-dev.yml | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/ansible/ssh-dev.yml b/ansible/ssh-dev.yml index dd20b79..889c72b 100644 --- a/ansible/ssh-dev.yml +++ b/ansible/ssh-dev.yml @@ -12,11 +12,23 @@ Port {{ sshd_port }} dest: /etc/ssh/sshd_config.d/port.conf notify: sshd_restart + - name: "Configure user CA for SSH server" + when: sshd_user_ca_pub is defined + copy: + content: | + {{ sshd_user_ca_pub }} + dest: /etc/ssh/user_ca_pubs + - name: "Configure SSH server to accept user CA" + when: sshd_user_ca_pub is defined + copy: + content: | + TrustedUserCAKeys /etc/ssh/user_ca_pubs + dest: /etc/ssh/sshd_config.d/user_ca.conf handlers: - name: sshd_restart systemd: name: ssh - state: restarted + state: reloaded vars: ansible_python_interpreter: /usr/bin/python3 @@ -30,3 +42,5 @@ - username: liw sshd_port: 22 + sshd_user_ca_pub: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHdSnGI91exKItWsZi0XFVQWluS0FUdd12FLjuQk1FxG liw User CA v1 + |