diff --git a/deployment/sshd/sshd-baremetal-puppet.yaml b/deployment/sshd/sshd-baremetal-puppet.yaml index d8412a4f5a..c712528194 100644 --- a/deployment/sshd/sshd-baremetal-puppet.yaml +++ b/deployment/sshd/sshd-baremetal-puppet.yaml @@ -60,6 +60,11 @@ parameters: Subsystem: 'sftp /usr/libexec/openssh/sftp-server' description: Mapping of sshd_config values type: json + SshServerOptionsOverrides: + default: {} + description: Mapping of sshd_config values to override definitions in + SshServerOptions + type: json PasswordAuthentication: default: 'no' description: Whether or not disable password authentication @@ -86,7 +91,10 @@ outputs: config_settings: tripleo::profile::base::sshd::bannertext: {get_param: BannerText} tripleo::profile::base::sshd::motd: {get_param: MessageOfTheDay} - tripleo::profile::base::sshd::options: {get_param: SshServerOptions} + tripleo::profile::base::sshd::options: + map_merge: + - {get_param: SshServerOptions} + - {get_param: SshServerOptionsOverrides} tripleo::profile::base::sshd::password_authentication: {get_param: PasswordAuthentication} step_config: | include tripleo::profile::base::sshd diff --git a/releasenotes/notes/ssh-server-options-overrides-f677913bfd65efe1.yaml b/releasenotes/notes/ssh-server-options-overrides-f677913bfd65efe1.yaml new file mode 100644 index 0000000000..f92f919a03 --- /dev/null +++ b/releasenotes/notes/ssh-server-options-overrides-f677913bfd65efe1.yaml @@ -0,0 +1,6 @@ +--- +features: + - | + The new ``SshServerOptionsOverrides`` parameter has been added. This + parameter can be used to override a part of sshd_config, which is defined + by the ``SshServerOptions``.