summaryrefslogtreecommitdiff
path: root/data
diff options
context:
space:
mode:
authorChristian Breunig <christian@breunig.cc>2024-12-23 13:03:38 +0100
committerGitHub <noreply@github.com>2024-12-23 13:03:38 +0100
commitc9febcc4c53d0bce09ce6b62d6fba12ea017d3f1 (patch)
tree1d423b681ff9c0575a781ef96fc9efde3f4a70ec /data
parent1258853a124780117967271ac5fa13bfaa024848 (diff)
parent8b560e7ef40b7c80c2556f111639eb4213d2c0aa (diff)
downloadvyos-1x-c9febcc4c53d0bce09ce6b62d6fba12ea017d3f1.tar.gz
vyos-1x-c9febcc4c53d0bce09ce6b62d6fba12ea017d3f1.zip
Merge pull request #4234 from takehaya/T6013-trusted-ca-keys
T6013: Add support for configuring TrustedUserCAKeys for ssh service
Diffstat (limited to 'data')
-rw-r--r--data/templates/ssh/sshd_config.j24
1 files changed, 4 insertions, 0 deletions
diff --git a/data/templates/ssh/sshd_config.j2 b/data/templates/ssh/sshd_config.j2
index 2cf0494c4..7e44efae8 100644
--- a/data/templates/ssh/sshd_config.j2
+++ b/data/templates/ssh/sshd_config.j2
@@ -110,3 +110,7 @@ ClientAliveInterval {{ client_keepalive_interval }}
{% if rekey.data is vyos_defined %}
RekeyLimit {{ rekey.data }}M {{ rekey.time + 'M' if rekey.time is vyos_defined }}
{% endif %}
+
+{% if trusted_user_ca_key is vyos_defined %}
+TrustedUserCAKeys /etc/ssh/trusted_user_ca_key
+{% endif %}