heat_template_version: pike description: > Configure sshd_config parameters: ServiceData: default: {} description: Dictionary packing service data type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set via parameter_defaults in the resource registry. This mapping overrides those in ServiceNetMapDefaults. type: json DefaultPasswords: default: {} type: json RoleName: default: '' description: Role name on which the service is applied type: string RoleParameters: default: {} description: Parameters specific to the role type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json BannerText: default: '' description: Configures Banner text in sshd_config type: string MessageOfTheDay: default: '' description: Configures /etc/motd text type: string SshServerOptions: default: HostKey: - '/etc/ssh/ssh_host_rsa_key' - '/etc/ssh/ssh_host_ecdsa_key' - '/etc/ssh/ssh_host_ed25519_key' SyslogFacility: 'AUTHPRIV' AuthorizedKeysFile: '.ssh/authorized_keys' PasswordAuthentication: 'no' ChallengeResponseAuthentication: 'no' GSSAPIAuthentication: 'yes' GSSAPICleanupCredentials: 'no' UsePAM: 'yes' X11Forwarding: 'yes' UsePrivilegeSeparation: 'sandbox' AcceptEnv: - 'LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES' - 'LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT' - 'LC_IDENTIFICATION LC_ALL LANGUAGE' - 'XMODIFIERS' Subsystem: 'sftp /usr/libexec/openssh/sftp-server' description: Mapping of sshd_config values type: json outputs: role_data: description: Role data for the ssh value: service_name: sshd config_settings: tripleo::profile::base::sshd::bannertext: {get_param: BannerText} tripleo::profile::base::sshd::motd: {get_param: MessageOfTheDay} tripleo::profile::base::sshd::options: {get_param: SshServerOptions} step_config: | include ::tripleo::profile::base::sshd