Changed to ECDSA #102

roles/ssh_tunneling/tasks/main.yml

@@ -31,8 +31,8 @@
     createhome: yes
     generate_ssh_key: yes
     shell: /bin/false
-    ssh_key_type: rsa
+    ssh_key_type: ecdsa
-    ssh_key_bits: 2048
+    ssh_key_bits: 256
     ssh_key_comment: '{{ item }}@{{ IP_subject_alt_name }}'
     ssh_key_passphrase: "{{ easyrsa_p12_export_password }}"
     state: present
@@ -41,7 +41,7 @@
 
 - name: The authorized keys file created
   file:
-    src: '/var/jail/{{ item }}/.ssh/id_rsa.pub'
+    src: '/var/jail/{{ item }}/.ssh/id_ecdsa.pub'
     dest: '/var/jail/{{ item }}/.ssh/authorized_keys'
     owner: "{{ item }}"
     group: "{{ item }}"
@@ -57,7 +57,7 @@
   template: src=known_hosts.j2 dest=/root/.ssh/{{ IP_subject_alt_name }}_known_hosts
 
 - name: Fetch users SSH private keys
-  fetch: src='/var/jail/{{ item }}/.ssh/id_rsa' dest=configs/{{ IP_subject_alt_name }}/{{ IP_subject_alt_name }}_{{ item }}.ssh.pem flat=yes
+  fetch: src='/var/jail/{{ item }}/.ssh/id_ecdsa' dest=configs/{{ IP_subject_alt_name }}/{{ IP_subject_alt_name }}_{{ item }}.ssh.pem flat=yes
   with_items: "{{ users }}"
 
 - name: Change mode for SSH private keys