9da630d612
Multiple HostKeys can now be defined as a list, instead of allowing only one custom HostKey entry
74 lines
2.2 KiB
Django/Jinja
74 lines
2.2 KiB
Django/Jinja
{{ ansible_managed | comment }}
|
|
|
|
Port {{ openssh_port }}
|
|
AddressFamily {{ openssh_address_family }}
|
|
{% for a in openssh_listen_addresses %}
|
|
ListenAddress {{ a }}
|
|
{% endfor %}
|
|
|
|
{% if openssh_hostkeys is defined %}
|
|
{% for hostkey in openssh_hostkeys %}
|
|
HostKey {{ hostkey }}
|
|
{% endfor %}
|
|
{% endif %}
|
|
|
|
{% if openssh_kexalgorithms is defined %}
|
|
KexAlgorithms {% for alg in openssh_kexalgorithms %}{{ alg }}{{ "," if not loop.last }}{% endfor %}
|
|
{% endif %}
|
|
|
|
{% if openssh_ciphers is defined %}
|
|
Ciphers {% for alg in openssh_ciphers %}{{ alg }}{{ "," if not loop.last }}{% endfor %}
|
|
{% endif %}
|
|
|
|
{% if openssh_macs is defined %}
|
|
MACs {% for alg in openssh_macs %}{{ alg }}{{ "," if not loop.last }}{% endfor %}
|
|
{% endif %}
|
|
|
|
|
|
AllowGroups {{ openssh_allow_groups }}
|
|
LoginGraceTime {{ openssh_login_grace_time }}
|
|
PermitRootLogin {{ openssh_permit_root_login }}
|
|
StrictModes {{ openssh_strict_modes }}
|
|
MaxAuthTries {{ openssh_max_auth_tries }}
|
|
MaxSessions {{ openssh_max_sessions }}
|
|
|
|
PubkeyAuthentication {{ openssh_pubkey_authentication }}
|
|
AuthorizedKeysFile {{ openssh_authorized_keys_file }}
|
|
|
|
HostbasedAuthentication {{ openssh_hostbased_authentication }}
|
|
|
|
PasswordAuthentication {{ openssh_password_authentication }}
|
|
PermitEmptyPasswords {{ openssh_permit_empty_passwords }}
|
|
ChallengeResponseAuthentication {{ openssh_challenge_response_authentication }}
|
|
KerberosAuthentication {{ openssh_kerberos_authentication }}
|
|
GSSAPIAuthentication {{ openssh_gssapi_authentication }}
|
|
UsePAM {{ openssh_use_pam }}
|
|
|
|
AllowAgentForwarding {{ openssh_allow_agent_forwarding }}
|
|
PermitTunnel {{ openssh_permit_tunnel }}
|
|
|
|
X11Forwarding {{ openssh_x11_forwarding }}
|
|
PrintMotd {{ openssh_print_motd }}
|
|
|
|
{% if openssh_banner == true %}
|
|
Banner {{ openssh_banner_file }}
|
|
{% endif %}
|
|
|
|
{% if openssh_permit_user_env == true %}
|
|
PermitUserEnvironment yes
|
|
|
|
{% for e in openssh_accept_env %}
|
|
AcceptEnv {{ e }}
|
|
{% endfor %}
|
|
{% else %}
|
|
PermitUserEnvironment no
|
|
{% endif %}
|
|
|
|
LogLevel {{ openssh_loglevel }}
|
|
|
|
{% if ansible_facts['os_family'] == 'RedHat' %}
|
|
Subsystem sftp /usr/libexec/openssh/sftp-server -f AUTHPRIV -l INFO
|
|
{% elif ansible_facts['os_family'] == 'Debian' %}
|
|
Subsystem sftp /usr/lib/openssh/sftp-server -f AUTHPRIV -l INFO
|
|
{% endif %}
|