25 lines
496 B
YAML
25 lines
496 B
YAML
- name: ensure sshd is configured to trust user ca keys
|
|
copy:
|
|
src: trustedusercakeys.conf
|
|
dest: /etc/ssh/sshd_config.d/70-trustedusercakeys.conf
|
|
owner: root
|
|
group: root
|
|
mode: u=rw,go=r
|
|
notify:
|
|
- reload sshd
|
|
tags:
|
|
- ssh-user-ca
|
|
- sshd-config
|
|
- config
|
|
|
|
- name: ensure ssh trusted user ca list is set
|
|
copy:
|
|
dest: /etc/ssh/ca.pub
|
|
content: >+
|
|
{{ ssh_trusted_user_ca_keys }}
|
|
owner: root
|
|
group: root
|
|
mode: u=rw,go=r
|
|
tags:
|
|
- ssh-user-ca
|