Improve common var definitions

Author: swalkinshaw

roles/common/defaults/main.yml

@@ -40,8 +40,8 @@ apt_packages_custom: {}
 apt_packages: "{{ apt_packages_default | combine(apt_packages_custom) }}"
 
 openssh_6_8_plus: "{{ (lookup('pipe', 'ssh -V 2>&1')) | regex_replace('(.*OpenSSH_([\\d\\.]*).*)', '\\2') is version_compare('6.8', '>=') }}"
-overlapping_ciphers: "[{% for cipher in (sshd_ciphers_default + sshd_ciphers_extra) if cipher in ssh_client_ciphers %}'{{ cipher }}',{% endfor %}]"
-overlapping_kex: "[{% for kex in (sshd_kex_algorithms_default + sshd_kex_algorithms_extra) if kex in ssh_client_kex %}'{{ kex }}',{% endfor %}]"
-overlapping_macs: "[{% for mac in (sshd_macs_default + sshd_macs_extra) if mac in ssh_client_macs %}'{{ mac }}',{% endfor %}]"
-host_key_types: "[{% for path in sshd_host_keys %}'{{ path | regex_replace('/etc/ssh/ssh_host_(.+)_key', '\\1') | regex_replace('dsa', 'ssh-dss')}}',{% endfor %}]"
-overlapping_host_keys: "{% for key in host_key_types if key in ssh_client_host_key_algorithms %}{{ key }},{% endfor %}"
+overlapping_ciphers: "{{ (sshd_ciphers_default + sshd_ciphers_extra) | intersect(ssh_client_ciphers) }}"
+overlapping_kex: "{{ (sshd_kex_algorithms_default + sshd_kex_algorithms_extra) | intersect(ssh_client_kex) }}"
+overlapping_macs: "{{ (sshd_macs_default + sshd_macs_extra) | intersect(ssh_client_macs) }}"
+host_key_types: "{{ sshd_host_keys | map('regex_replace', '/etc/ssh/ssh_host_(.+)_key', '\\1') | map('regex_replace', 'dsa', 'ssh-dss') | list }}"
+overlapping_host_keys: "{{ host_key_types | intersect(ssh_client_host_key_algorithms) | join(',') }}"