From 8bccab571e7b557e3231a44cbf83fac2b884de40 Mon Sep 17 00:00:00 2001
From: Denis Knauf <deac+git@denkn.at>
Date: Sun, 24 Mar 2024 22:23:27 +0100
Subject: [PATCH] if include does not supported, it is an older sshd-version.
 unsupported ciphers/kex/macs could be set, so leave defaults.

---
 tasks/sshd_config.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/tasks/sshd_config.yml b/tasks/sshd_config.yml
index 15586c8..fd076ac 100644
--- a/tasks/sshd_config.yml
+++ b/tasks/sshd_config.yml
@@ -45,9 +45,9 @@
       KerberosAuthentication: '{{sshd_kerberos_authentication}}'
       GSSAPIAuthentication:   '{{sshd_gssapi_authentication}}'
       TCPKeepAlive:           'yes'
-      Ciphers:                '{{sshd_ciphers}}'
-      MACs:                   '{{sshd_macs}}'
-      KexAlgorithms:          '{{sshd_kex_algorithms}}'
+      #Ciphers:                '{{sshd_ciphers}}'
+      #MACs:                   '{{sshd_macs}}'
+      #KexAlgorithms:          '{{sshd_kex_algorithms}}'
   - name: sshd_config
     lineinfile:
       path:        /etc/ssh/sshd_config