diff options
-rw-r--r-- | std.yml | 27 |
1 files changed, 26 insertions, 1 deletions
@@ -44,9 +44,34 @@ - name: "configure sshd to accept CA for users" when: user_ca_pubkey is defined copy: - content: TrustedUserCAKeys /etc/ssh/user_ca_keys + content: | + TrustedUserCAKeys /etc/ssh/user_ca_keys dest: /etc/ssh/sshd_config.d/userca.conf + - name: "install host key" + when: host_key is defined + copy: + content: | + {{ host_key }} + dest: /etc/ssh/ssh_host_ed25519_key + mode: 0600 + + - name: "install host cert" + when: host_cert is defined + copy: + content: | + {{ host_cert }} + dest: /etc/ssh/ssh_host_ed25519_key-cert.pub + mode: 0644 + + - name: "configue sshd to use host cert" + when: host_cert is defined + copy: + content: | + HostKey /etc/ssh/ssh_host_ed25519_key + HostCertificate /etc/ssh/ssh_host_ed25519_key-cert.pub + dest: /etc/ssh/sshd_config.d/host_cert.conf + - name: "configure keyboard layout" copy: content: | |