From e7cab89f9f81b2eeb456657d26dda8bd7d7fc428 Mon Sep 17 00:00:00 2001
From: Takeru Hayasaka <hayatake396@gmail.com>
Date: Thu, 12 Dec 2024 02:27:02 +0900
Subject: T6013: Add support for configuring TrustedUserCAKeys in SSH service
 with local and remote CA keys

---
 data/templates/ssh/sshd_config.j2 | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'data')

diff --git a/data/templates/ssh/sshd_config.j2 b/data/templates/ssh/sshd_config.j2
index 2cf0494c4..7e44efae8 100644
--- a/data/templates/ssh/sshd_config.j2
+++ b/data/templates/ssh/sshd_config.j2
@@ -110,3 +110,7 @@ ClientAliveInterval {{ client_keepalive_interval }}
 {% if rekey.data is vyos_defined  %}
 RekeyLimit {{ rekey.data }}M {{ rekey.time + 'M' if rekey.time is vyos_defined }}
 {% endif %}
+
+{% if trusted_user_ca_key is vyos_defined %}
+TrustedUserCAKeys /etc/ssh/trusted_user_ca_key
+{% endif %}
-- 
cgit v1.2.3