commit d6db8cb4a7d4eb0cc6bf30db0070e31cd9799169 Author: Nicolas Chauvet <kwizart(a)gmail.com&gt; Date: Wed Jul 31 14:23:16 2019 +0200 Update sshd host keys inventory/group_vars/all | 3 --- roles/basessh/templates/sshd_config | 2 -- 2 files changed, 0 insertions(+), 5 deletions(-) --- diff --git a/inventory/group_vars/all b/inventory/group_vars/all index 4fb14f5..54d51b0 100644 --- a/inventory/group_vars/all +++ b/inventory/group_vars/all @@ -313,9 +313,6 @@ redirectmatch_enabled: True # not on most of them, so default to false sshd_sftp: false -# Disable ssh pub key by default -sshd_host_certificate: False - # # Autodetect python version # diff --git a/roles/basessh/templates/sshd_config b/roles/basessh/templates/sshd_config index 4ed7b9a..7ec4a85 100644 --- a/roles/basessh/templates/sshd_config +++ b/roles/basessh/templates/sshd_config @@ -13,9 +13,7 @@ MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm(a)op {% endif %} HostKey /etc/ssh/ssh_host_rsa_key -{% if sshd_host_certificate %} HostCertificate /etc/ssh/ssh_host_rsa_key-cert.pub -{% endif %} SyslogFacility AUTHPRIV LogLevel VERBOSE