How to add the option into or modify sshd_config in undercloud with hieradata_override.

Solution Verified - Updated -

Issue

  • How to add the option into or modify sshd_config in undercloud with hieradata_override.

  • Without customization, openstack undercloud install will modify sshd_config to the following configuration.

    # cat /etc/ssh/sshd_config 
# File is managed by Puppet
Port 22

AcceptEnv LANG LC_*
ChallengeResponseAuthentication no
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_ecdsa_key
HostKey /etc/ssh/ssh_host_ed25519_key
PrintMotd no
Subsystem sftp /usr/libexec/openssh/sftp-server
UsePAM yes
X11Forwarding yes

  • By this modification, sshd writes its log into /var/log/messages not /var/log/secure. RHEL's default is AUTHPRIV facility in sshd_config.

Environment

  • Red Hat OpenStack Platform 13
  • sshd_config
  • undercloud

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content