| Zack Williams | ba5549c | 2017-03-25 15:04:45 -0700 | [diff] [blame] | 1 | --- |
| 2 | # ssh-pki/tasks/main.yml | ||||
| 3 | |||||
| 4 | pki_dir: "/opt/pki" | ||||
| 5 | ssh_pki_dir: "/opt/ssh_pki" | ||||
| 6 | credentials_dir: "/opt/credentials" | ||||
| 7 | |||||
| 8 | # password on SSH CA | ||||
| 9 | ssh_ca_phrase: "{{ lookup('password', credentials_dir ~ '/ssh_ca_phrase length=64') }}" | ||||
| 10 | |||||
| 11 | # ssh-keygen parameters | ||||
| 12 | ssh_keytype: rsa | ||||
| 13 | ssh_keysize: 4096 | ||||
| 14 | |||||
| 15 | # lists of keys to generate | ||||
| 16 | ssh_client_genkeys: | ||||
| 17 | - name: headnode | ||||
| 18 | |||||
| 19 | ssh_host_genkeys: [] | ||||
| 20 | |||||