Loading...

XML

Word

Printable

Type: Story
Resolution: Done-Errata
Priority: Undefined
Fix Version/s: rhel-9.4
Affects Version/s: None
Component/s: rhel-system-roles
Labels:
- system_role_sshd

Fixed in Build:
rhel-system-roles-1.23.0-2.18.el9

Pool Team:

sst_system_roles

Dev Target Milestone:
20
Internal Target Milestone:
22
ACKs Check:

QE ack, Dev ack
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Product Documentation Required:
Yes

Git Pull Request:
https://github.com/willshersystems/ansible-sshd/pull/252
Preliminary Testing:
Pass
Errata Link:
https://errata.engineering.redhat.com/advisory/124808

Release Note Type:
Feature
Release Note Text:

Hide
.The `sshd` role now configures certificate-based SSH authentications

With the `sshd` RHEL System Role, you can now configure and manage multiple SSH servers to authenticate by using SSH certificates. This makes SSH authentications more secure because certificates are signed by a trusted CA and provide fine-grained access control, expiration dates, and centralized management.

Show
.The `sshd` role now configures certificate-based SSH authentications With the `sshd` RHEL System Role, you can now configure and manage multiple SSH servers to authenticate by using SSH certificates. This makes SSH authentications more secure because certificates are signed by a trusted CA and provide fine-grained access control, expiration dates, and centralized management.
Release Note Status:
Done

Experience:

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Goal

Deploy User CA on the system
Configure principals (optional)

Reason:
This allows you to configure and manage the SSH server to authenticate via certificates.
Improves SSH authentication security: certificates have a validity period, unlike SSH keys.

More information on SSH certificates is available here: Managing SSH Access at Scale with HashiCorp Vault.

Result:
The related documentation is available and an example can be found in examples/example-use-certificates.yml.

is cloned by

RHEL-5985 ansible-sshd Manage SSH certificates

Release Pending

links to

RHEA-2023:124808 rhel-system-roles bug fix and enhancement update

Test Requirement (BASEOS-18790)

mentioned on

Commit - Update 1.23.0-1

Merge request - Update 1.23.0-1

Assignee:: Richard Megginson

Reporter:: Sergei Petrosian

Developer:: Richard Megginson

QA Contact:: Jakub Haruda

Doc Contact:: Mirek Jahoda

Votes:: 0 Vote for this issue

Watchers:: 8 Start watching this issue

Created:: 2023/09/21 12:26 PM

Updated:: 2024/04/30 11:17 AM

Resolved:: 2024/04/30 9:51 AM

Dev Target end:: 2024/01/15

Target end:: 2024/01/29

Release Date:: 2024/04/30

Details

Description

Goal

Attachments

Issue Links

Activity

People

Dates

Hide