Ansible/ssh-hardening
1
0
Fork 0
Code Issues 9 Pull requests 1 Projects Releases Wiki Activity

Regenerate too small RSA keys

Browse source 
closes #1
This commit is contained in:
Sven Velt 2021-10-19 10:23:13 +02:00
parent 1d08be491a
commit ed24147b3a
1 changed files with 8 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
tasks/main.yml
View file

@ -60,6 +60,14 @@
loop: '{{ ssh_hardening_hostkeys }}' loop: '{{ ssh_hardening_hostkeys }}'
notify: Restart SSH notify: Restart SSH
- name: "Renew RSA hostkeys if too short"
openssh_keypair:
path: /etc/ssh/ssh_host_rsa_key
type: rsa
size: 4096
when: '"rsa" in ssh_hardening_hostkeys'
#################### ####################
- name: "INCLUDE: Remove small Diffie-Hellman moduli" - name: "INCLUDE: Remove small Diffie-Hellman moduli"