diff options
author | Lars Wirzenius <liw@liw.fi> | 2022-12-10 07:37:39 +0000 |
---|---|---|
committer | Lars Wirzenius <liw@liw.fi> | 2022-12-10 07:37:39 +0000 |
commit | 3e4e2e55a7f6323f1d38520083b6fc5c89a3a37f (patch) | |
tree | 1322d08ad066b302e4e8f8709dc22cb998e8a108 | |
parent | 5f046dc34a667ff0d1ec10e809c229c234d43056 (diff) | |
parent | de26eac7fbe6fe93f6e56df5c0352a8544def833 (diff) | |
download | v-i-3e4e2e55a7f6323f1d38520083b6fc5c89a3a37f.tar.gz |
Merge branch 'fixes' into 'main'
fix installation to be compatible with my other Ansible stuff
See merge request larswirzenius/v-i!41
-rwxr-xr-x | configure-installer | 6 | ||||
-rw-r--r-- | std.yml | 14 |
2 files changed, 10 insertions, 10 deletions
diff --git a/configure-installer b/configure-installer index e52aa19..7851acd 100755 --- a/configure-installer +++ b/configure-installer @@ -122,10 +122,10 @@ def user_ca(config, mp): return ca_key = cat(ca_path) - include = f"{mp}/etc/ssh/sshd_config.d/userca.conf" - write(include, "TrustedUserCAKeys /etc/ssh/user_ca_keys\n", 0, 0, 0o644) + include = f"{mp}/etc/ssh/sshd_config.d/user_ca.conf" + write(include, "TrustedUserCAKeys /etc/ssh/user_ca_pubs\n", 0, 0, 0o644) - cakeys = f"{mp}/etc/ssh/user_ca_keys" + cakeys = f"{mp}/etc/ssh/user_ca_pubs" write(cakeys, ca_key, 0, 0, 0o644) @@ -39,7 +39,7 @@ copy: content: | {{ user_ca_pubkey }} - dest: /etc/ssh/user_ca_keys + dest: /etc/ssh/user_ca_pubs - name: "restrict root logins over ssh to require a key" lineinfile: @@ -51,15 +51,15 @@ when: user_ca_pubkey is defined copy: content: | - TrustedUserCAKeys /etc/ssh/user_ca_keys - dest: /etc/ssh/sshd_config.d/userca.conf + TrustedUserCAKeys /etc/ssh/user_ca_pubs + dest: /etc/ssh/sshd_config.d/user_ca.conf - name: "install host key" when: host_key is defined copy: content: | {{ host_key }} - dest: /etc/ssh/ssh_host_ed25519_key + dest: /etc/ssh/ssh_host_key mode: 0600 - name: "install host cert" @@ -67,15 +67,15 @@ copy: content: | {{ host_cert }} - dest: /etc/ssh/ssh_host_ed25519_key-cert.pub + dest: /etc/ssh/ssh_host_key-cert.pub mode: 0644 - name: "configue sshd to use host cert" when: host_cert is defined copy: content: | - HostKey /etc/ssh/ssh_host_ed25519_key - HostCertificate /etc/ssh/ssh_host_ed25519_key-cert.pub + HostKey /etc/ssh/ssh_host_key + HostCertificate /etc/ssh/ssh_host_key-cert.pub dest: /etc/ssh/sshd_config.d/host_cert.conf - name: "configure keyboard layout" |