Configure SSH certificates

Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
author: Patrick Uiterwijk <puiterwijk@redhat.com> 2017-04-10 10:20:15 +0000
committer: Patrick Uiterwijk <puiterwijk@redhat.com> 2017-04-10 10:20:15 +0000
commit: fcc5657525e0061d05d106cf109805ababa227b7 (patch)
tree: 68dae8b0ba7ce0a73c839421021a395332b13ab3
parent: de051be1d470ae922f2b20479aef0436b3ed4ec3 (diff)
download: ansible-fcc5657525e0061d05d106cf109805ababa227b7.tar.gz
ansible-fcc5657525e0061d05d106cf109805ababa227b7.tar.xz
ansible-fcc5657525e0061d05d106cf109805ababa227b7.zip
6 files changed, 6 insertions, 0 deletions
diff --git a/roles/base/files/ssh/sshd_config.7 b/roles/base/files/ssh/sshd_config.7
index c1d2b3037..a66f36acb 100644
--- a/roles/base/files/ssh/sshd_config.7
+++ b/roles/base/files/ssh/sshd_config.7
@@ -26,6 +26,7 @@
 #HostKey /etc/ssh/ssh_host_key
 # HostKeys for protocol version 2
 HostKey /etc/ssh/ssh_host_rsa_key
+HostCertificate /etc/ssh/ssh_host_rsa_key-cert.pub
 #HostKey /etc/ssh/ssh_host_dsa_key
 HostKey /etc/ssh/ssh_host_ecdsa_key
 
diff --git a/roles/base/files/ssh/sshd_config.default b/roles/base/files/ssh/sshd_config.default
index 996c26257..5045bc7ee 100644
--- a/roles/base/files/ssh/sshd_config.default
+++ b/roles/base/files/ssh/sshd_config.default
@@ -21,6 +21,7 @@ Protocol 2
 #HostKey /etc/ssh/ssh_host_key
 # HostKeys for protocol version 2
 HostKey /etc/ssh/ssh_host_rsa_key
+HostCertificate /etc/ssh/ssh_host_rsa_key-cert.pub
 #HostKey /etc/ssh/ssh_host_dsa_key
 
 # Lifetime and size of ephemeral version 1 server key
diff --git a/roles/base/files/ssh/sshd_config.el6 b/roles/base/files/ssh/sshd_config.el6
index 996c26257..5045bc7ee 100644
--- a/roles/base/files/ssh/sshd_config.el6
+++ b/roles/base/files/ssh/sshd_config.el6
@@ -21,6 +21,7 @@ Protocol 2
 #HostKey /etc/ssh/ssh_host_key
 # HostKeys for protocol version 2
 HostKey /etc/ssh/ssh_host_rsa_key
+HostCertificate /etc/ssh/ssh_host_rsa_key-cert.pub
 #HostKey /etc/ssh/ssh_host_dsa_key
 
 # Lifetime and size of ephemeral version 1 server key
diff --git a/roles/base/files/ssh/sshd_config.noc01.phx2.fedoraproject.org b/roles/base/files/ssh/sshd_config.noc01.phx2.fedoraproject.org
index 471045ab9..d5601cb58 100644
--- a/roles/base/files/ssh/sshd_config.noc01.phx2.fedoraproject.org
+++ b/roles/base/files/ssh/sshd_config.noc01.phx2.fedoraproject.org
@@ -26,6 +26,7 @@ Protocol 2
 #HostKey /etc/ssh/ssh_host_key
 # HostKeys for protocol version 2
 HostKey /etc/ssh/ssh_host_rsa_key
+HostCertificate /etc/ssh/ssh_host_rsa_key-cert.pub
 #HostKey /etc/ssh/ssh_host_dsa_key
 HostKey /etc/ssh/ssh_host_ecdsa_key
 
diff --git a/roles/base/files/ssh/sshd_config.pkgs b/roles/base/files/ssh/sshd_config.pkgs
index 7fddcd6ff..c73321c6b 100644
--- a/roles/base/files/ssh/sshd_config.pkgs
+++ b/roles/base/files/ssh/sshd_config.pkgs
@@ -21,6 +21,7 @@ Protocol 2
 #HostKey /etc/ssh/ssh_host_key
 # HostKeys for protocol version 2
 HostKey /etc/ssh/ssh_host_rsa_key
+HostCertificate /etc/ssh/ssh_host_rsa_key-cert.pub
 #HostKey /etc/ssh/ssh_host_dsa_key
 
 # Lifetime and size of ephemeral version 1 server key
diff --git a/roles/base/files/ssh/sshd_config.releng b/roles/base/files/ssh/sshd_config.releng
index 996c26257..5045bc7ee 100644
--- a/roles/base/files/ssh/sshd_config.releng
+++ b/roles/base/files/ssh/sshd_config.releng
@@ -21,6 +21,7 @@ Protocol 2
 #HostKey /etc/ssh/ssh_host_key
 # HostKeys for protocol version 2
 HostKey /etc/ssh/ssh_host_rsa_key
+HostCertificate /etc/ssh/ssh_host_rsa_key-cert.pub
 #HostKey /etc/ssh/ssh_host_dsa_key
 
 # Lifetime and size of ephemeral version 1 server key
author	Patrick Uiterwijk <puiterwijk@redhat.com>	2017-04-10 10:20:15 +0000
committer	Patrick Uiterwijk <puiterwijk@redhat.com>	2017-04-10 10:20:15 +0000
commit	fcc5657525e0061d05d106cf109805ababa227b7 (patch)
tree	68dae8b0ba7ce0a73c839421021a395332b13ab3
parent	de051be1d470ae922f2b20479aef0436b3ed4ec3 (diff)
download	ansible-fcc5657525e0061d05d106cf109805ababa227b7.tar.gz ansible-fcc5657525e0061d05d106cf109805ababa227b7.tar.xz ansible-fcc5657525e0061d05d106cf109805ababa227b7.zip