summaryrefslogtreecommitdiff
path: root/puppet/modules/site_sshd/templates/ssh_config.erb
diff options
context:
space:
mode:
authorMicah Anderson <micah@leap.se>2014-12-23 16:47:35 -0500
committerMicah Anderson <micah@leap.se>2014-12-23 16:47:35 -0500
commit574a0554a95ba74867ebd0ca4a93195bfa104c14 (patch)
treefd07b5b2ec8b32e82aa665dad117ee6e51791884 /puppet/modules/site_sshd/templates/ssh_config.erb
parent126faf8606f4911ccc3c1f55a9e0f381a46d536a (diff)
parentfc9a8af17d927085486052a53233401c42b0caab (diff)
Merge branch 'develop'
Conflicts: platform.rb Change-Id: Ic2e08e594d29a585691341c8667ac0b64933a505
Diffstat (limited to 'puppet/modules/site_sshd/templates/ssh_config.erb')
-rw-r--r--puppet/modules/site_sshd/templates/ssh_config.erb17
1 files changed, 17 insertions, 0 deletions
diff --git a/puppet/modules/site_sshd/templates/ssh_config.erb b/puppet/modules/site_sshd/templates/ssh_config.erb
index 7e967413..36c0b6d5 100644
--- a/puppet/modules/site_sshd/templates/ssh_config.erb
+++ b/puppet/modules/site_sshd/templates/ssh_config.erb
@@ -21,3 +21,20 @@ Host *
StrictHostKeyChecking no
<% end -%>
+#
+# Tell SSH what host key algorithm we should use. I don't understand why this
+# is needed, since the man page says that "if hostkeys are known for the
+# destination host then [HostKeyAlgorithms default] is modified to prefer
+# their algorithms."
+#
+
+<% @hosts.sort.each do |name, host| -%>
+Host <%= name %> <%= host['domain_full'] %> <%= host['domain_internal'] %> <%= host['ip_address'] %>
+<% if host['host_pub_key'] -%>
+HostKeyAlgorithms <%= host['host_pub_key'].split(" ").first %>
+<% end -%>
+<% if host['port'] -%>
+Port <%= host['port'] %>
+<% end -%>
+
+<% end -%>