corrections

2022-06-02 14:55:59 -07:00 · 2022-06-02 14:55:59 -07:00 · fec4d3943a
commit fec4d3943a
parent 0b878ece70
3 changed files with 22 additions and 2 deletions
--- a/tasks/ssh_config.yml
+++ b/tasks/ssh_config.yml
@ -50,8 +50,8 @@

        - name: Custom Modular Configuration
          template:
-            src: "etc/ssh/{{ ansible_distribution }}-{{ ansible_distribution_major_version }}-60-shootthej.conf.j2"
-            dest: "/etc/ssh/sshd_config.d/60-shootthej.conf"
+            src: "etc/ssh/{{ ansible_distribution }}-{{ ansible_distribution_major_version }}-60-infra.conf.j2"
+            dest: "/etc/ssh/sshd_config.d/60-infra.conf"
            owner: root
            group: root
            mode: '0600'
--- a/templates/etc/ssh/RedHat-9-60-infra.conf.j2
+++ b/templates/etc/ssh/RedHat-9-60-infra.conf.j2
@ -0,0 +1,19 @@
+################################################################################
+# Below managed by Shoot the J Ltd.
+#
+Banner /etc/banner
+PermitRootLogin no
+Port 22
+X11Forwarding no
+LoginGraceTime 1m
+
+# IPA
+AuthorizedKeysCommand /usr/bin/sss_ssh_authorizedkeys
+AuthorizedKeysCommandUser nobody
+ChallengeResponseAuthentication yes
+
+# IPA Automatic
+PubkeyAuthentication yes
+KerberosAuthentication no
+GSSAPIAuthentication yes
+UsePAM yes
--- a/templates/etc/ssh/Rocky-9-60-infra.conf.j2
+++ b/templates/etc/ssh/Rocky-9-60-infra.conf.j2
@ -0,0 +1 @@
+RedHat-9-60-infra.conf.j2