Update sshd_config everywhere to present cert

Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>

6 files changed, 10 insertions, 2 deletions

diff --git a/roles/base/files/ssh/sshd_config.7 b/roles/base/files/ssh/sshd_config.7
index a66f36acb..0dd16fe48 100644
--- a/roles/base/files/ssh/sshd_config.7
+++ b/roles/base/files/ssh/sshd_config.7
@@ -28,7 +28,7 @@
 HostKey /etc/ssh/ssh_host_rsa_key
 HostCertificate /etc/ssh/ssh_host_rsa_key-cert.pub
 #HostKey /etc/ssh/ssh_host_dsa_key
-HostKey /etc/ssh/ssh_host_ecdsa_key
+#HostKey /etc/ssh/ssh_host_ecdsa_key
 
 # Lifetime and size of ephemeral version 1 server key
 #KeyRegenerationInterval 1h
diff --git a/roles/base/files/ssh/sshd_config.buildhw b/roles/base/files/ssh/sshd_config.buildhw
index da5f79fcd..8a8e89ad7 100644
--- a/roles/base/files/ssh/sshd_config.buildhw
+++ b/roles/base/files/ssh/sshd_config.buildhw
@@ -22,6 +22,8 @@ Protocol 2
 
 # HostKey for protocol version 1
 #HostKey /etc/ssh/ssh_host_key
+HostKey /etc/ssh/ssh_host_rsa_key
+HostCertificate /etc/ssh/ssh_host_rsa_key-cert.pub
 # HostKeys for protocol version 2
 #HostKey /etc/ssh/ssh_host_rsa_key
 #HostKey /etc/ssh/ssh_host_dsa_key
diff --git a/roles/base/files/ssh/sshd_config.kojibuilder b/roles/base/files/ssh/sshd_config.kojibuilder
index da5f79fcd..ad3d06888 100644
--- a/roles/base/files/ssh/sshd_config.kojibuilder
+++ b/roles/base/files/ssh/sshd_config.kojibuilder
@@ -25,6 +25,8 @@ Protocol 2
 # HostKeys for protocol version 2
 #HostKey /etc/ssh/ssh_host_rsa_key
 #HostKey /etc/ssh/ssh_host_dsa_key
+HostKey /etc/ssh/ssh_host_rsa_key
+HostCertificate /etc/ssh/ssh_host_rsa_key-cert.pub
 
 # Lifetime and size of ephemeral version 1 server key
 #KeyRegenerationInterval 1h
diff --git a/roles/base/files/ssh/sshd_config.noc01.phx2.fedoraproject.org b/roles/base/files/ssh/sshd_config.noc01.phx2.fedoraproject.org
index d5601cb58..d9cb0e422 100644
--- a/roles/base/files/ssh/sshd_config.noc01.phx2.fedoraproject.org
+++ b/roles/base/files/ssh/sshd_config.noc01.phx2.fedoraproject.org
@@ -28,7 +28,7 @@ Protocol 2
 HostKey /etc/ssh/ssh_host_rsa_key
 HostCertificate /etc/ssh/ssh_host_rsa_key-cert.pub
 #HostKey /etc/ssh/ssh_host_dsa_key
-HostKey /etc/ssh/ssh_host_ecdsa_key
+#HostKey /etc/ssh/ssh_host_ecdsa_key
 
 # Lifetime and size of ephemeral version 1 server key
 #KeyRegenerationInterval 1h
diff --git a/roles/base/files/ssh/sshd_config.qa-prod b/roles/base/files/ssh/sshd_config.qa-prod
index 1607a0b83..dec0630a1 100644
--- a/roles/base/files/ssh/sshd_config.qa-prod
+++ b/roles/base/files/ssh/sshd_config.qa-prod
@@ -28,6 +28,8 @@ Protocol 2
 #HostKey /etc/ssh/ssh_host_rsa_key
 #HostKey /etc/ssh/ssh_host_dsa_key
 #HostKey /etc/ssh/ssh_host_ecdsa_key
+HostKey /etc/ssh/ssh_host_rsa_key
+HostCertificate /etc/ssh/ssh_host_rsa_key-cert.pub
 
 # Lifetime and size of ephemeral version 1 server key
 #KeyRegenerationInterval 1h
diff --git a/roles/base/files/ssh/sshd_config.qa-stg b/roles/base/files/ssh/sshd_config.qa-stg
index 1607a0b83..dec0630a1 100644
--- a/roles/base/files/ssh/sshd_config.qa-stg
+++ b/roles/base/files/ssh/sshd_config.qa-stg
@@ -28,6 +28,8 @@ Protocol 2
 #HostKey /etc/ssh/ssh_host_rsa_key
 #HostKey /etc/ssh/ssh_host_dsa_key
 #HostKey /etc/ssh/ssh_host_ecdsa_key
+HostKey /etc/ssh/ssh_host_rsa_key
+HostCertificate /etc/ssh/ssh_host_rsa_key-cert.pub
 
 # Lifetime and size of ephemeral version 1 server key
 #KeyRegenerationInterval 1h