Disable GSSAPIAuthentication by default

Having GSSAPIAuthentication enabled by default can cause issues during the deployment process if the user is unable to authenticate with kerberos. This change moves the default for GSSAPIAuthentication to no instead of yes. Resolves: rhbz#2059855 Change-Id: Ic579380c9c72917daa01493c259bc969b7291fe9
2022-03-04 01:56:30 +11:00 · 2022-03-04 01:56:30 +11:00 · fa69bfc1eb
commit fa69bfc1eb
parent e93d59464e
2 changed files with 2 additions and 2 deletions
--- a/deployment/sshd/sshd-baremetal-ansible.yaml
+++ b/deployment/sshd/sshd-baremetal-ansible.yaml
@ -44,7 +44,7 @@ parameters:
      SyslogFacility: 'AUTHPRIV'
      AuthorizedKeysFile: '.ssh/authorized_keys'
      ChallengeResponseAuthentication: 'no'
-      GSSAPIAuthentication: 'yes'
+      GSSAPIAuthentication: 'no'
      GSSAPICleanupCredentials: 'no'
      UsePAM: 'yes'
      UseDNS: 'no'
--- a/deployment/sshd/sshd-baremetal-puppet.yaml
+++ b/deployment/sshd/sshd-baremetal-puppet.yaml
@ -44,7 +44,7 @@ parameters:
      SyslogFacility: 'AUTHPRIV'
      AuthorizedKeysFile: '.ssh/authorized_keys'
      ChallengeResponseAuthentication: 'no'
-      GSSAPIAuthentication: 'yes'
+      GSSAPIAuthentication: 'no'
      GSSAPICleanupCredentials: 'no'
      UsePAM: 'yes'
      UseDNS: 'no'