From 83003f04fc477ec42518eddab0e3662672543916 Mon Sep 17 00:00:00 2001
From: Sven Velt <sven@velt.de>
Date: Tue, 12 Oct 2021 22:44:45 +0200
Subject: [PATCH] special var file for ed25519-only

---
 vars/ssh_ed25519.yml | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)
 create mode 100644 vars/ssh_ed25519.yml

diff --git a/vars/ssh_ed25519.yml b/vars/ssh_ed25519.yml
new file mode 100644
index 0000000..c5c0300
--- /dev/null
+++ b/vars/ssh_ed25519.yml
@@ -0,0 +1,24 @@
+ssh_hardening_opts:
+  KexAlgorithms:
+    - curve25519-sha256
+    - curve25519-sha256@libssh.org
+    - sntrup761x25519-sha512@openssh.com
+  Ciphers:
+    - chacha20-poly1305@openssh.com
+  MACs:
+    - hmac-sha2-256-etm@openssh.com
+    - hmac-sha2-512-etm@openssh.com
+    - umac-128-etm@openssh.com
+  HostKeyAlgorithms:
+    - ssh-ed25519
+    - ssh-ed25519-cert-v01@openssh.com
+    - sk-ssh-ed25519@openssh.com
+    - sk-ssh-ed25519-cert-v01@openssh.com
+
+  PubkeyAcceptedAlgorithms:
+    - ssh-ed25519
+    - ssh-ed25519-cert-v01@openssh.com
+
+  GSSAPIKexAlgorithms:
+    - gss-curve25519-sha256-
+