diff options
-rw-r--r-- | std.yml | 15 |
1 files changed, 15 insertions, 0 deletions
@@ -16,6 +16,7 @@ passwd -l root - name: "create ~root/.ssh" + when: user_pub is defined file: state: directory path: /root/.ssh @@ -24,6 +25,7 @@ mode: 0700 - name: "set ~root/.ssh/authorized keys" + when: user_pub is defined copy: content: | {{ user_pub }} @@ -32,6 +34,19 @@ group: root mode: 0600 + - name: "install user CA public key" + when: user_ca_pubkey is defined + copy: + content: | + {{ user_ca_pubkey }} + dest: /etc/ssh/user_ca_keys + + - name: "configure sshd to accept CA for users" + when: user_ca_pubkey is defined + copy: + content: TrustedUserCAKeys /etc/ssh/user_ca_keys + dest: /etc/ssh/sshd_config.d/userca.conf + - name: "configure keyboard layout" copy: content: | |