From 51fdf83a441b19af50ad5d41b68a0eb2c34df9cd Mon Sep 17 00:00:00 2001
From: Adar Nimrod <nimrod@shore.co.il>
Date: Fri, 16 Jun 2023 23:42:13 +0300
Subject: [PATCH] Ansible: Tweaks for Debian 12.

---
 Ansible/roles/debian_server/tasks/main.yml |  2 +-
 Ansible/tasks/sshd_config.yaml             | 11 -----------
 2 files changed, 1 insertion(+), 12 deletions(-)

diff --git a/Ansible/roles/debian_server/tasks/main.yml b/Ansible/roles/debian_server/tasks/main.yml
index 5e9d31f..a3a34e3 100644
--- a/Ansible/roles/debian_server/tasks/main.yml
+++ b/Ansible/roles/debian_server/tasks/main.yml
@@ -12,7 +12,7 @@
     - deb-src
   ansible.builtin.apt_repository:
     # yamllint disable-line rule:line-length
-    repo: '{{ item }} http://deb.debian.org/debian {{ ansible_facts.distribution_release }}-backports main contrib non-free'
+    repo: '{{ item }} http://deb.debian.org/debian {{ ansible_facts.distribution_release }}-backports main contrib non-free non-free-firmware'
     state: present
     update_cache: true
 
diff --git a/Ansible/tasks/sshd_config.yaml b/Ansible/tasks/sshd_config.yaml
index 79e71ae..e54bf1b 100644
--- a/Ansible/tasks/sshd_config.yaml
+++ b/Ansible/tasks/sshd_config.yaml
@@ -1,14 +1,6 @@
 ---
 - name: Configure the SSH daemon
   with_dict:
-    CASignatureAlgorithms: >-
-      -ssh-rsa
-    HostbasedAcceptedKeyTypes: >-
-      -ssh-rsa
-    HostKeyAlgorithms: >-
-      -ssh-rsa
-    KexAlgorithms: >-
-      -diffie-hellman-group14-sha1
     MACs: >-
       -hmac-sha1,
       umac-64-etm@openssh.com,
@@ -16,9 +8,6 @@
       umac-64@openssh.com
     PermitRootLogin: !!str no
     PasswordAuthentication: !!str no
-    PubkeyAcceptedKeyTypes: >-
-      -ssh-rsa,
-      ssh-rsa-cert-v01@openssh.com
   ansible.builtin.lineinfile:
     backup: true
     line: '{{ item.key }} {{ item.value|replace(" ", "") }}'
-- 
GitLab