user|host (wrong) -> user@host (correct)

This commit is contained in:
Denis Knauf 2022-03-15 10:59:21 +01:00
parent 46d6b2c72d
commit 79b66529c8
2 changed files with 3 additions and 2 deletions

View file

@ -2,6 +2,7 @@ ssh_ca_user: sshca
ssh_ca_base_dir: ~/.ssh-ca
ssh_ca_pub: '{{ssh_ca_base_dir}}/ca.pub'
ssh_ca_command: ~/ssh-ca
ssh_cert_known_domain: '*'
ssh_cert_sign_host: '{{ssh_ca_host}}'
ssh_cert_sign_user: '{{ssh_ca_user}}'
ssh_cert_host_pub_path: /etc/ssh/ssh_host_ed25519_key.pub

View file

@ -74,7 +74,7 @@
hash_host: false
path: /etc/ssh/ssh_known_hosts
name: '{{ssh_cert_known_domain}}'
key: "@cert-authority *.{{ssh_cert_known_domain}},{{ssh_cert_known_domain}} {{lookup('file', ssh_cert_host_capub_path)}}"
key: "@cert-authority {{ssh_cert_known_domain}} {{lookup('file', ssh_cert_host_capub_path)}}"
- name: install ssh-cert-renew
copy:
@ -107,7 +107,7 @@
with_dict:
ssh_cert_mail_to: '{{ssh_cert_mail_to |mandatory}}'
ssh_cert_mail_from: '{{ssh_cert_mail_from|mandatory}}'
ssh_cert_sign_host: '{{ssh_cert_sign_user|mandatory}}|{{ssh_cert_sign_host|mandatory}}'
ssh_cert_sign_host: '{{ssh_cert_sign_user|mandatory}}@{{ssh_cert_sign_host|mandatory}}'
- name: renew host ssh-cert
systemd: