From fec4d3943a47676f7be60794aab6306af5dd174f Mon Sep 17 00:00:00 2001
From: nazunalika
Date: Thu, 2 Jun 2022 14:55:59 -0700
Subject: [PATCH] corrections
---
 tasks/ssh_config.yml | 4 ++--
 templates/etc/ssh/RedHat-9-60-infra.conf.j2 | 19 +++++++++++++++++++
 templates/etc/ssh/Rocky-9-60-infra.conf.j2 | 1 +
 3 files changed, 22 insertions(+), 2 deletions(-)
 create mode 100644 templates/etc/ssh/RedHat-9-60-infra.conf.j2
 create mode 120000 templates/etc/ssh/Rocky-9-60-infra.conf.j2
diff --git a/tasks/ssh_config.yml b/tasks/ssh_config.yml
index 523c44d..bb5e4ac 100644
--- a/tasks/ssh_config.yml
+++ b/tasks/ssh_config.yml
@@ -50,8 +50,8 @@
 - name: Custom Modular Configuration
 template:
- src: "etc/ssh/{{ ansible_distribution }}-{{ ansible_distribution_major_version }}-60-shootthej.conf.j2"
- dest: "/etc/ssh/sshd_config.d/60-shootthej.conf"
+ src: "etc/ssh/{{ ansible_distribution }}-{{ ansible_distribution_major_version }}-60-infra.conf.j2"
+ dest: "/etc/ssh/sshd_config.d/60-infra.conf"
 owner: root
 group: root
 mode: '0600'
diff --git a/templates/etc/ssh/RedHat-9-60-infra.conf.j2 b/templates/etc/ssh/RedHat-9-60-infra.conf.j2
new file mode 100644
index 0000000..1b61be0
--- /dev/null
+++ b/templates/etc/ssh/RedHat-9-60-infra.conf.j2
@@ -0,0 +1,19 @@
+################################################################################
+# Below managed by Shoot the J Ltd.
+#
+Banner /etc/banner
+PermitRootLogin no
+Port 22
+X11Forwarding no
+LoginGraceTime 1m
+
+# IPA
+AuthorizedKeysCommand /usr/bin/sss_ssh_authorizedkeys
+AuthorizedKeysCommandUser nobody
+ChallengeResponseAuthentication yes
+
+# IPA Automatic
+PubkeyAuthentication yes
+KerberosAuthentication no
+GSSAPIAuthentication yes
+UsePAM yes
diff --git a/templates/etc/ssh/Rocky-9-60-infra.conf.j2 b/templates/etc/ssh/Rocky-9-60-infra.conf.j2
new file mode 120000
index 0000000..1be25af
--- /dev/null
+++ b/templates/etc/ssh/Rocky-9-60-infra.conf.j2
@@ -0,0 +1 @@
+RedHat-9-60-infra.conf.j2
\ No newline at end of file
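Review bot: Changing `dest` to `/etc/ssh/sshd_config.d/60-infra.conf` leaves the previously deployed `/etc/ssh/sshd_config.d/60-shootthej.conf` in place on every host that already ran this role, and nothing visible in the hunk removes it. sshd would then read both drop-ins, so a setting that later disappears from the new template can stay in force through the stale file. Add a cleanup task using the `file` module with `path: /etc/ssh/sshd_config.d/60-shootthej.conf` and `state: absent`. The diffstat also shows no existing template being renamed, so if templates named `…-60-shootthej.conf.j2` exist for other distributions or releases, the new `src` will no longer resolve for those hosts. The task body continues past the hunk, so any `validate:` or `notify:` line is not visible here.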
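Review bot: `X11Forwarding no` and `ChallengeResponseAuthentication yes` in this new template may never take effect, because sshd keeps the first value it reads for each keyword and includes drop-ins in lexical order. Any file that sorts before `60-infra.conf` therefore wins; a stock RHEL 9 install ships `50-redhat.conf`, which as far as I recall sets both of these keywords. Confirm the effective values with `sshd -T` on a target host, and if they are overridden, deploy this drop-in under a prefix that sorts ahead of the distribution file. Separately, OpenSSH 8.7 and later treat `ChallengeResponseAuthentication` as a deprecated alias, so `KbdInteractiveAuthentication yes` is the spelling to use in a release-9 template. It would also help to state `PasswordAuthentication` explicitly, so the intended login methods do not depend on defaults.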