Loading...

XML

Word

Printable

Type: Story
Resolution: Done-Errata
Priority: Undefined
Fix Version/s: rhel-8.10
Affects Version/s: None
Component/s: rhel-system-roles
Labels:
- system_role_sshd

Fixed in Build:
rhel-system-roles-1.23.0-2.18.el8

Pool Team:

rhel-sst-system-roles

Dev Target Milestone:
20
Internal Target Milestone:
22
Story Points:
None
ACKs Check:

QE ack, Dev ack
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Product Documentation Required:
Yes
Sprint:
None

Git Pull Request:
https://github.com/willshersystems/ansible-sshd/pull/252
Preliminary Testing:
Pass
Errata Link:
https://errata.engineering.redhat.com/advisory/124810
Test Coverage:
None

Release Note Type:
Feature
Release Note Text:

Hide
.The `sshd` role now configures certificate-based SSH authentications

With the `sshd` RHEL System Role, you can now configure and manage multiple SSH servers to authenticate by using SSH certificates. This makes SSH authentications more secure because certificates are signed by a trusted CA and provide fine-grained access control, expiration dates, and centralized management.

Show
.The `sshd` role now configures certificate-based SSH authentications With the `sshd` RHEL System Role, you can now configure and manage multiple SSH servers to authenticate by using SSH certificates. This makes SSH authentications more secure because certificates are signed by a trusted CA and provide fine-grained access control, expiration dates, and centralized management.
Release Note Status:
Done

Experience:

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Planning:
None

Goal

Deploy User CA on the system
Configure principals (optional)

Reason:
This allows you to configure and manage the SSH server to authenticate via certificates.
Improves SSH authentication security: certificates have a validity period, unlike SSH keys.

More information on SSH certificates is available here: Managing SSH Access at Scale with HashiCorp Vault.

Result:
The related documentation is available and an example can be found in examples/example-use-certificates.yml.

clones

RHEL-5972 ansible-sshd Manage SSH certificates

Closed

links to

RHEA-2023:124810 rhel-system-roles bug fix and enhancement update

mentioned on

Commit - Update 1.23.0-1

Merge request - Update 1.23.0-1

Assignee:: Richard Megginson

Reporter:: Sergei Petrosian

Developer:: Richard Megginson

QA Contact:: David Jez

Doc Contact:: Mirek Jahoda

Votes:: 0 Vote for this issue

Watchers:: 6 Start watching this issue

Created:: 2023/09/21 12:27 PM

Updated:: 2024/05/22 9:37 AM

Resolved:: 2024/05/22 9:37 AM

Dev Target end:: 2024/01/15

Target end:: 2024/01/29

Release Date:: 2024/05/22

Details

Description

Goal

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates