From 4a6e6e6ba23fd598466c79b05ed0ce15f879539b Mon Sep 17 00:00:00 2001
From: William Hirigoyen <whirigoyen+git@evolix.fr>
Date: Wed, 15 Nov 2023 09:43:10 +0100
Subject: [PATCH] ProFTPd: in SFTP vhost, enable SSH keys login, enable ed25549
 host key

---
 CHANGELOG.md                   | 1 +
 proftpd/defaults/main.yml      | 2 +-
 proftpd/templates/sftp.conf.j2 | 1 +
 3 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 47599bd7..e03d4964 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -23,6 +23,7 @@ The **patch** part changes is incremented if multiple releases happen the same m
 * evocheck: upstream release 23.10
 * add-vm.sh: allow VM name max length > 20
 * nagios: rename var `nagios_nrpe_process_processes` into `nagios_nrpe_processes` and check systemd-timesyncd instead of ntpd in Debian 12
+* ProFTPd: in SFTP vhost, enable SSH keys login, enable ed25549 host key
 
 ### Fixed
 
diff --git a/proftpd/defaults/main.yml b/proftpd/defaults/main.yml
index 25d60d5b..9473731e 100644
--- a/proftpd/defaults/main.yml
+++ b/proftpd/defaults/main.yml
@@ -12,7 +12,7 @@ proftpd_ftps_cert: "/etc/ssl/certs/ssl-cert-snakeoil.pem"
 proftpd_ftps_key: "/etc/ssl/private/ssl-cert-snakeoil.key"
 proftpd_sftp_enable: False
 proftpd_sftp_override: False
-proftpd_sftp_use_publickeys: False
+proftpd_sftp_use_publickeys: True
 proftpd_sftp_port: 22222
 proftpd_accounts: []
 proftpd_accounts_final: []
diff --git a/proftpd/templates/sftp.conf.j2 b/proftpd/templates/sftp.conf.j2
index 457f638b..c0eaf171 100644
--- a/proftpd/templates/sftp.conf.j2
+++ b/proftpd/templates/sftp.conf.j2
@@ -27,6 +27,7 @@
 
     SFTPHostKey /etc/ssh/ssh_host_ecdsa_key
     SFTPHostKey /etc/ssh/ssh_host_rsa_key
+    SFTPHostKey /etc/ssh/ssh_host_ed25519_key
     
     RequireValidShell off