From 03172b3c0776b4658fdf5611f8b7b622ad6ce12e Mon Sep 17 00:00:00 2001
From: mfredholm <6997932+mfredholm@users.noreply.github.com>
Date: Mon, 28 Jan 2019 13:30:19 +0100
Subject: [PATCH 1/2] Remove deprecated options
---
 vars/Ubuntu_18.yml | 5 -----
 1 file changed, 5 deletions(-)
diff --git a/vars/Ubuntu_18.yml b/vars/Ubuntu_18.yml
index 5a136388..c58bd6e7 100644
--- a/vars/Ubuntu_18.yml
+++ b/vars/Ubuntu_18.yml
@@ -12,19 +12,14 @@ __sshd_defaults:
 - /etc/ssh/ssh_host_dsa_key
 - /etc/ssh/ssh_host_ecdsa_key
 - /etc/ssh/ssh_host_ed25519_key
- UsePrivilegeSeparation: yes
- KeyRegenerationInterval: 3600
- ServerKeyBits: 1024
 SyslogFacility: AUTH
 LogLevel: INFO
 LoginGraceTime: 120
 PermitRootLogin: prohibit-password
 StrictModes: yes
- RSAAuthentication: yes
 PubkeyAuthentication: yes
 AuthorizedKeysFile: "%h/.ssh/authorized_keys"
 IgnoreRhosts: yes
- RhostsRSAAuthentication: no
 HostbasedAuthentication: no
 PermitEmptyPasswords: no
 ChallengeResponseAuthentication: no
From a3ca915dbd20052329233c4345419de55094f673 Mon Sep 17 00:00:00 2001
From: mfredholm <6997932+mfredholm@users.noreply.github.com>
Date: Thu, 31 Jan 2019 10:33:01 +0100
Subject: [PATCH 2/2] Update Ubuntu_18.yml Minimal vars using defaults.
---
 vars/Ubuntu_18.yml | 24 ++----------------------
 1 file changed, 2 insertions(+), 22 deletions(-)
diff --git a/vars/Ubuntu_18.yml b/vars/Ubuntu_18.yml
index c58bd6e7..cb8295a4 100644
--- a/vars/Ubuntu_18.yml
+++ b/vars/Ubuntu_18.yml
@@ -5,31 +5,11 @@ __sshd_packages:
 - openssh-sftp-server
 __sshd_config_mode: "0644"
 __sshd_defaults:
- Port: 22
- Protocol: 2
- HostKey:
- - /etc/ssh/ssh_host_rsa_key
- - /etc/ssh/ssh_host_dsa_key
- - /etc/ssh/ssh_host_ecdsa_key
- - /etc/ssh/ssh_host_ed25519_key
- SyslogFacility: AUTH
- LogLevel: INFO
- LoginGraceTime: 120
- PermitRootLogin: prohibit-password
- StrictModes: yes
- PubkeyAuthentication: yes
- AuthorizedKeysFile: "%h/.ssh/authorized_keys"
- IgnoreRhosts: yes
- HostbasedAuthentication: no
- PermitEmptyPasswords: no
+ PasswordAuthentication: no
 ChallengeResponseAuthentication: no
+ UsePAM: yes
 X11Forwarding: yes
- X11DisplayOffset: 10
 PrintMotd: no
- PrintLastLog: yes
- TCPKeepAlive: yes
 AcceptEnv: LANG LC_*
 Subsystem: "sftp {{ sshd_sftp_server }}"
- UsePAM: yes
- UseDNS: no
 __sshd_os_supported: yes
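Review bot: With `PermitRootLogin`, `PermitEmptyPasswords`, `HostbasedAuthentication`, `IgnoreRhosts` and `StrictModes` dropped from `__sshd_defaults`, their effective values now depend on the compiled-in defaults of whichever OpenSSH build is installed. They presumably also disappear from the sshd_config rendered from this map, which makes that file less useful for an audit. Consider keeping the security-relevant pins, or at least adding a comment above the map such as `# Unlisted options fall back to sshd's built-in defaults; check effective values with "sshd -T"`. Separately, the added `PasswordAuthentication: no` is not an upstream default (sshd defaults to `yes`), so it is a behaviour change rather than part of the "using defaults" cleanup. Hosts that still rely on password logins would lose them once this is applied, which deserves a line in the commit message or changelog.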