-rw-r--r-- | data/templates/login/authorized_keys.j2 (renamed from data/templates/login/authorized_keys.tmpl) | 4 | ||||
-rw-r--r-- | data/templates/login/pam_radius_auth.conf.j2 | 36 | ||||
-rw-r--r-- | data/templates/login/pam_radius_auth.conf.tmpl | 36 | ||||
-rwxr-xr-x | src/conf_mode/system-login.py | 4 |
4 files changed, 40 insertions, 40 deletions
diff --git a/data/templates/login/authorized_keys.tmpl b/data/templates/login/authorized_keys.j2
index 9402c8719..aabca47cf 100644
--- a/data/templates/login/authorized_keys.tmpl
+++ b/data/templates/login/authorized_keys.j2
@@ -1,9 +1,9 @@
 ### Automatically generated by system-login.py ###
 {% if authentication.public_keys is vyos_defined %}
-{% for key, key_options in authentication.public_keys.items() %}
+{% for key, key_options in authentication.public_keys.items() %}
 {# The whitespace after options is wisely chosen #}
 {{ key_options.options ~ ' ' if key_options.options is vyos_defined }}{{ key_options.type }} {{ key_options.key }} {{ key }}
-{% endfor %}
+{% endfor %}
 {% endif %}
diff --git a/data/templates/login/pam_radius_auth.conf.j2 b/data/templates/login/pam_radius_auth.conf.j2
new file mode 100644
index 000000000..1105b60e5
--- /dev/null
+++ b/data/templates/login/pam_radius_auth.conf.j2
@@ -0,0 +1,36 @@
+# Automatically generated by system-login.py
+# RADIUS configuration file
+
+{% if radius is vyos_defined %}
+{# RADIUS IPv6 source address must be specified in [] notation #}
+{% set source_address = namespace() %}
+{% if radius.source_address is vyos_defined %}
+{% for address in radius.source_address %}
+{% if address | is_ipv4 %}
+{% set source_address.ipv4 = address %}
+{% elif address | is_ipv6 %}
+{% set source_address.ipv6 = "[" + address + "]" %}
+{% endif %}
+{% endfor %}
+{% endif %}
+{% if radius.server is vyos_defined %}
+# server[:port] shared_secret timeout source_ip
+{# .items() returns a tuple of two elements: key and value. 1 relates to the 2nd element i.e. the value and .priority relates to the key from the internal dict #}
+{% for server, options in radius.server.items() | sort(attribute='1.priority') if not options.disabled %}
+{# RADIUS IPv6 servers must be specified in [] notation #}
+{% if server | is_ipv4 %}
+{{ server }}:{{ options.port }} {{ "%-25s" | format(options.key) }} {{ "%-10s" | format(options.timeout) }} {{ source_address.ipv4 if source_address.ipv4 is vyos_defined }}
+{% else %}
+[{{ server }}]:{{ options.port }} {{ "%-25s" | format(options.key) }} {{ "%-10s" | format(options.timeout) }} {{ source_address.ipv6 if source_address.ipv6 is vyos_defined }}
+{% endif %}
+{% endfor %}
+{% endif %}
+
+priv-lvl 15
+mapped_priv_user radius_priv_user
+
+{% if radius.vrf is vyos_defined %}
+vrf-name {{ radius.vrf }}
+{% endif %}
+{% endif %}
+
diff --git a/data/templates/login/pam_radius_auth.conf.tmpl b/data/templates/login/pam_radius_auth.conf.tmpl
deleted file mode 100644
index 4e34ade41..000000000
--- a/data/templates/login/pam_radius_auth.conf.tmpl
+++ /dev/null
@@ -1,36 +0,0 @@
-# Automatically generated by system-login.py
-# RADIUS configuration file
-
-{% if radius is vyos_defined %}
-{# RADIUS IPv6 source address must be specified in [] notation #}
-{% set source_address = namespace() %}
-{% if radius.source_address is vyos_defined %}
-{% for address in radius.source_address %}
-{% if address | is_ipv4 %}
-{% set source_address.ipv4 = address %}
-{% elif address | is_ipv6 %}
-{% set source_address.ipv6 = "[" + address + "]" %}
-{% endif %}
-{% endfor %}
-{% endif %}
-{% if radius.server is vyos_defined %}
-# server[:port] shared_secret timeout source_ip
-{# .items() returns a tuple of two elements: key and value. 1 relates to the 2nd element i.e. the value and .priority relates to the key from the internal dict #}
-{% for server, options in radius.server.items() | sort(attribute='1.priority') if not options.disabled %}
-{# RADIUS IPv6 servers must be specified in [] notation #}
-{% if server | is_ipv4 %}
-{{ server }}:{{ options.port }} {{ "%-25s" | format(options.key) }} {{ "%-10s" | format(options.timeout) }} {{ source_address.ipv4 if source_address.ipv4 is vyos_defined }}
-{% else %}
-[{{ server }}]:{{ options.port }} {{ "%-25s" | format(options.key) }} {{ "%-10s" | format(options.timeout) }} {{ source_address.ipv6 if source_address.ipv6 is vyos_defined }}
-{% endif %}
-{% endfor %}
-{% endif %}
-
-priv-lvl 15
-mapped_priv_user radius_priv_user
-
-{% if radius.vrf is vyos_defined %}
-vrf-name {{ radius.vrf }}
-{% endif %}
-{% endif %}
-
diff --git a/src/conf_mode/system-login.py b/src/conf_mode/system-login.py
index c9c6aa187..c717286ae 100755
--- a/src/conf_mode/system-login.py
+++ b/src/conf_mode/system-login.py
@@ -197,7 +197,7 @@ def generate(login):
 pass
 if 'radius' in login:
- render(radius_config_file, 'login/pam_radius_auth.conf.tmpl', login,
+ render(radius_config_file, 'login/pam_radius_auth.conf.j2', login,
 permission=0o600, user='root', group='root')
 else:
 if os.path.isfile(radius_config_file):
@@ -241,7 +241,7 @@ def apply(login):
 #
 # XXX: Should we deny using root at all?
 home_dir = getpwnam(user).pw_dir
- render(f'{home_dir}/.ssh/authorized_keys', 'login/authorized_keys.tmpl',
+ render(f'{home_dir}/.ssh/authorized_keys', 'login/authorized_keys.j2',
 user_config, permission=0o600,
 formater=lambda _: _.replace(""", '"'),
 user=user, group='users')