How to add the option into or modify sshd_config in undercloud with hieradata_override.

Solution Verified - Updated -

Issue

  • How to add the option into or modify sshd_config in undercloud with hieradata_override.
  • Without customization, openstack undercloud install will modify sshd_config to the following configuration.

    # cat /etc/ssh/sshd_config 
    # File is managed by Puppet
    Port 22
    
    AcceptEnv LANG LC_*
    ChallengeResponseAuthentication no
    HostKey /etc/ssh/ssh_host_rsa_key
    HostKey /etc/ssh/ssh_host_ecdsa_key
    HostKey /etc/ssh/ssh_host_ed25519_key
    PrintMotd no
    Subsystem sftp /usr/libexec/openssh/sftp-server
    UsePAM yes
    X11Forwarding yes
    
  • By this modification, sshd writes its log into /var/log/messages not /var/log/secure. RHEL's default is AUTHPRIV facility in sshd_config.

Environment

  • Red Hat OpenStack Platform 13
  • sshd_config
  • undercloud

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In