This repository was archived by the owner on Dec 26, 2020. It is now read-only.
File tree Expand file tree Collapse file tree 1 file changed +3
-3
lines changed Expand file tree Collapse file tree 1 file changed +3
-3
lines changed Original file line number Diff line number Diff line change 88# Basic configuration
99# ===================
1010
11- # Either disable or only allow root login via certificates.
11+ # Either disable or only allowssh root login via certificates.
1212PermitRootLogin {{ 'without-password' if ssh_allow_root_with_key else 'no' }}
1313
1414# Define which port sshd should listen to. Default to `22`.
@@ -99,15 +99,15 @@ LogLevel VERBOSE
9999# eg ruby's Net::SSH at around 2.2.* doesn't support sha2 for kex, so this will have to be set true in this case.
100100# based on: https://bettercrypto.org/static/applied-crypto-hardening.pdf
101101{% if ansible_distribution == 'Ubuntu' and ansible_distribution_version >= '14.04' -%}
102- {% if sshd_server_weak_kex -%}
102+ {% if ssh_server_weak_kex -%}
103103 KexAlgorithms {{ ssh_kex_66_weak | join(',') }}
104104 {% else -%}
105105 KexAlgorithms {{ ssh_kex_66_default | join(',') }}
106106 {% endif %}
107107{% else -%}
108108 {% if ansible_os_family in ['Oracle Linux' , 'RedHat' ] or (ansible_distribution == 'Debian' and ansible_distribution_major_version <= '6' ) -%}
109109 #KexAlgorithms
110- {% elif sshd_server_weak_kex -%}
110+ {% elif ssh_server_weak_kex -%}
111111 KexAlgorithms {{ sshd_kex_59_weak | join(',') }}
112112 {% else -%}
113113 KexAlgorithms {{ ssh_kex_59_default | join(',') }}
You can’t perform that action at this time.
0 commit comments