Bug 1568918
Summary: | RFE: Possibility to edit sshd config on the director node | ||||||
---|---|---|---|---|---|---|---|
Product: | Red Hat OpenStack | Reporter: | ojanas | ||||
Component: | instack-undercloud | Assignee: | Alex Schultz <aschultz> | ||||
Status: | CLOSED CURRENTRELEASE | QA Contact: | Arik Chernetsky <achernet> | ||||
Severity: | medium | Docs Contact: | |||||
Priority: | medium | ||||||
Version: | 12.0 (Pike) | CC: | aschultz, dbecker, mburns, morazi | ||||
Target Milestone: | --- | Keywords: | FutureFeature, ZStream | ||||
Target Release: | --- | ||||||
Hardware: | Unspecified | ||||||
OS: | Linux | ||||||
Whiteboard: | |||||||
Fixed In Version: | Doc Type: | If docs needed, set a value | |||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2018-04-18 19:43:07 UTC | Type: | Bug | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Attachments: |
|
Description
ojanas
2018-04-18 12:21:53 UTC
Created attachment 1423715 [details] example hieradata So this should already be possible using the hieradata_override option in the undercloud.conf. For example we have it documented[0] for tuning ssl ciphers, For the specific ssh options, you would need to configure tripleo::profile::base::sshd::options This will require a similar structure to what is configured in the overcloud using the SshServerOptions[1] parameter. See attached file as an example file that could be used with "hieradata_override = /home/stack/rhbz1568918.yaml" [0] https://access.redhat.com/documentation/en-us/red_hat_openstack_platform/12/html/director_installation_and_usage/appe-security_enhancements [1] https://github.com/openstack/tripleo-heat-templates/blob/master/puppet/services/sshd.yaml#L42-L62 |