From 2a7dd88a3c3e6ac8cbb33ad844f016e99ef932b8 Mon Sep 17 00:00:00 2001
From: Jack Ivanov <e601809@gmail.com>
Date: Thu, 23 Feb 2017 18:44:30 +0300
Subject: [PATCH] Changed to ECDSA #102

---
 roles/ssh_tunneling/tasks/main.yml | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/roles/ssh_tunneling/tasks/main.yml b/roles/ssh_tunneling/tasks/main.yml
index ba0baf2..9ade7e3 100644
--- a/roles/ssh_tunneling/tasks/main.yml
+++ b/roles/ssh_tunneling/tasks/main.yml
@@ -31,8 +31,8 @@
     createhome: yes
     generate_ssh_key: yes
     shell: /bin/false
-    ssh_key_type: rsa
-    ssh_key_bits: 2048
+    ssh_key_type: ecdsa
+    ssh_key_bits: 256
     ssh_key_comment: '{{ item }}@{{ IP_subject_alt_name }}'
     ssh_key_passphrase: "{{ easyrsa_p12_export_password }}"
     state: present
@@ -41,7 +41,7 @@
 
 - name: The authorized keys file created
   file:
-    src: '/var/jail/{{ item }}/.ssh/id_rsa.pub'
+    src: '/var/jail/{{ item }}/.ssh/id_ecdsa.pub'
     dest: '/var/jail/{{ item }}/.ssh/authorized_keys'
     owner: "{{ item }}"
     group: "{{ item }}"
@@ -57,7 +57,7 @@
   template: src=known_hosts.j2 dest=/root/.ssh/{{ IP_subject_alt_name }}_known_hosts
 
 - name: Fetch users SSH private keys
-  fetch: src='/var/jail/{{ item }}/.ssh/id_rsa' dest=configs/{{ IP_subject_alt_name }}/{{ IP_subject_alt_name }}_{{ item }}.ssh.pem flat=yes
+  fetch: src='/var/jail/{{ item }}/.ssh/id_ecdsa' dest=configs/{{ IP_subject_alt_name }}/{{ IP_subject_alt_name }}_{{ item }}.ssh.pem flat=yes
   with_items: "{{ users }}"
 
 - name: Change mode for SSH private keys