X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fssh%2Ftemplates%2Fsshd_config.erb;h=947a254755d1f5918ab61c58a1e4ce9ef9c8099e;hb=f4f11b99c265d4b1e52023634f40e7f1505f722e;hp=d0423f635d1201399c9aa224f1c8666e87b4aa3a;hpb=4c204db00bf2a402c4b3625ee2d5904b1a502aae;p=mirror%2Fdsa-puppet.git

diff --git a/modules/ssh/templates/sshd_config.erb b/modules/ssh/templates/sshd_config.erb
index d0423f635..947a25475 100644
--- a/modules/ssh/templates/sshd_config.erb
+++ b/modules/ssh/templates/sshd_config.erb
@@ -9,10 +9,9 @@
 # What ports, IPs and protocols we listen for
 Port 22
 <%= extraports = case fqdn
-                        when "ravel.debian.org" then "Port 443"
                         when "paradis.debian.org" then "
-ListenAddress 5.153.231.30:22
-ListenAddress [2001:41c8:1000:21::21:30]:22
+ListenAddress 0.0.0.0:22
+ListenAddress [::]:22
 ListenAddress 5.153.231.31:443
 ListenAddress [2001:41c8:1000:21::21:31]:443
 "
@@ -25,12 +24,15 @@ extraports
 Protocol 2
 # HostKeys for protocol version 2
 HostKey /etc/ssh/ssh_host_rsa_key
+<%- if has_variable?("has_etc_ssh_ssh_host_ed25519_key") && has_etc_ssh_ssh_host_ed25519_key == "true" -%>
+HostKey /etc/ssh/ssh_host_ed25519_key
+<% end %>
 #Privilege Separation is turned on for security
 UsePrivilegeSeparation yes
 
 # Lifetime and size of ephemeral version 1 server key
 KeyRegenerationInterval 3600
-ServerKeyBits 768
+ServerKeyBits 1024
 
 # Logging
 SyslogFacility AUTH