2022-01-26 20:02:28 +00:00
|
|
|
#jinja2: lstrip_blocks: True
|
|
|
|
|
{{ ansible_managed | comment }}
|
|
|
|
|
|
|
|
|
|
# Configuration file for the sshd service.
|
|
|
|
|
|
|
|
|
|
# The server keys are automatically generated if they are missing.
|
|
|
|
|
# To change the automatic creation, adjust sshd.service options for
|
|
|
|
|
# example using systemctl enable sshd-keygen@dsa.service to allow creation
|
|
|
|
|
# of DSA key or systemctl mask sshd-keygen@rsa.service to disable RSA key
|
|
|
|
|
# creation.
|
|
|
|
|
|
|
|
|
|
# Do not change this option unless you have hardware random
|
|
|
|
|
# generator and you REALLY know what you are doing
|
|
|
|
|
|
|
|
|
|
SSH_USE_STRONG_RNG=0
|
|
|
|
|
# SSH_USE_STRONG_RNG=1
|
2022-09-18 20:21:56 +00:00
|
|
|
{% if not sshd_crypto_policy_enabled | bool %}
|
2022-01-26 20:02:28 +00:00
|
|
|
|
2022-09-18 20:21:56 +00:00
|
|
|
# Disable system-wide crypto policy
|
2022-01-26 20:02:28 +00:00
|
|
|
CRYPTO_POLICY=
|
2022-09-18 20:21:56 +00:00
|
|
|
{% endif %}
|
