From a07f0c5a9d615f04826eea37c5b87eaf0b8ad18b Mon Sep 17 00:00:00 2001
From: Jonathan Rosser <jonathan.rosser@rd.bbc.co.uk>
Date: Thu, 16 Mar 2023 14:58:35 +0000
Subject: [PATCH] Disable UsePriviledgeSeparation directive for sshd

This was deprecated a long time ago in openssh-server 7.4 and has
been generating warnings in the log file ever since.

Change-Id: Ic3f7afadcaa875e6ce871c0ce36b4b11f10a7044
---
 defaults/main.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/defaults/main.yml b/defaults/main.yml
index ec2eda23..28a93611 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -355,7 +355,7 @@ security_sshd_disallow_gssapi: yes                           # V-72259
 # Disallow compression or delay after login.
 security_sshd_compression: 'delayed'                         # V-72267
 # Require privilege separation at every opportunity.
-security_sshd_enable_privilege_separation: yes               # V-72265
+security_sshd_enable_privilege_separation: no                # V-72265
 # Require strict mode checking of home directory configuration files.
 security_sshd_enable_strict_modes: yes                       # V-72263
 # Disallow Kerberos authentication.