Moving ssh hostkeys to openssh_keypair

Tyler Hale 2024-11-24 15:24:53 -07:00
parent 8de7d0dfce
commit 80c91ba8ad
Signed by: Tyler
GPG key ID: C7CC4B910D88EF96


@ -23,35 +23,40 @@
line: '127.0.1.1 {{ base_core_hostname }}'
state: present
- name: Remove ssh certs
- name: Generate /etc/ssh/ RSA host key
openssh_keypair:
path: /etc/ssh/ssh_host_rsa_key
owner: root
state: present
type: rsa
regenerate: full_idempotence
force: yes
- name: Generate /etc/ssh/ ECDSA host key
openssh_keypair:
path: /etc/ssh/ssh_host_rsa_key
owner: root
state: present
type: ecdsa
regenerate: full_idempotence
force: yes
- name: Generate /etc/ssh/ ED25519 host key
openssh_keypair:
path: /etc/ssh/ssh_host_rsa_key
owner: root
state: present
type: ed25519
regenerate: full_idempotence
force: yes
- name: Remove /etc/ssh/ DSA host key
file:
state: absent
path: "{{item}}"
loop:
- /etc/ssh/ssh_host_rsa_key
- /etc/ssh/ssh_host_dsa_key
- /etc/ssh/ssh_host_ecdsa_key
- /etc/ssh/ssh_host_ed25519_key
- name: Generate /etc/ssh/ RSA host key
command : ssh-keygen -q -t rsa -f /etc/ssh/ssh_host_rsa_key -C "" -N ""
args:
creates: /etc/ssh/ssh_host_rsa_key
- name: Generate /etc/ssh/ DSA host key
command : ssh-keygen -q -t dsa -f /etc/ssh/ssh_host_dsa_key -C "" -N ""
args:
creates: /etc/ssh/ssh_host_dsa_key
- name: Generate /etc/ssh/ ECDSA host key
command : ssh-keygen -q -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -C "" -N ""
args:
creates: /etc/ssh/ssh_host_ecdsa_key
- name: Generate /etc/ssh/ ED25519 host key
command : ssh-keygen -q -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -C "" -N ""
args:
creates: /etc/ssh/ssh_host_ed25519_key
- /etc/ssh/ssh_host_dsa_key.pub
when: hostname_change.changed
- name: Flush handlers
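Review bot: The three `openssh_keypair` tasks, which appear to be the new side, all set `path: /etc/ssh/ssh_host_rsa_key`, so the ECDSA and ED25519 tasks overwrite the RSA key file instead of writing their own; they should use `path: /etc/ssh/ssh_host_ecdsa_key` and `path: /etc/ssh/ssh_host_ed25519_key`. As written, the host would end up with an ED25519 key stored under the RSA file name, and the existing ECDSA and ED25519 host keys would never be regenerated. Each task also sets `force: yes`, which looks like it replaces the host keys on every play, whereas the old delete-then-`creates:` sequence did so only when `hostname_change.changed`. Unplanned host key rotation triggers host-key-changed warnings on every client and teaches users to accept them, so I would drop `force` and add `when: hostname_change.changed` to the three tasks if regeneration on rename is still wanted. The page has lost its +/- markers and indentation, so which task the surviving `when:` line belongs to is inferred.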