Macs kex ciphers

[rndmh3ro]

This PR changes the logic, which macs, kex and cipher to use. For one, it moves the evaluation to the tasks instead of the templates (similar to the hostkey-logic).
It also lets the conficuration depend on the installed ssh-version, not the operating system.

It also add support for ssh 7.6 where ripemd is removed (fixes #135).

[ypid]

I would do that using one set_fact or even better in the defaults file. Something like:

ssh_host_key_files: '{{ ['/etc/ssh/ssh_host_rsa_key'] if sshd_version.stdout >= '6.0' else ... }}'

This way, the whole file can be reduced to Jinja2 templating in defaults/main.yml. This also helps with performance :)

[rndmh3ro]

I tried and did not find a proper solution with the correct syntax.

                       "[/etc/ssh/ssh_host_rsa_key, /etc/ssh/ssh_host_ecdsa_key]" if sshd_version.stdout >= 6.0 else \  }}
                       "[/etc/ssh/ssh_host_rsa_key, /etc/ssh/ssh_host_ecdsa_key, /etc/ssh/ssh_host_ed25519_key]" if sshd_version.stdout >= 6.3 }}'```

This and variations of it do not work. They always give some error like:
```       fatal: [localhost]: FAILED! => {"msg": "Unexpected templating type error occurred on ({{ssh_host_key_files}}): __init__() takes at least 3 arguments (2 given)"}

[ypid]

Please always use YAML syntax.

[rndmh3ro]

I'll fix this in a separate PR where I'll change it everywhere.

[ypid]

Why add a trailing empty line :) ? This is usually unneeded. Maybe you will find https://github.com/ypid/dotfiles/blob/33ec82ad4bf59409a37891086c765e58c06713a6/vimrc#L888-L898 useful depending on your editor.

[rndmh3ro]

Fixed, thanks.

[rndmh3ro]

@ypid can you take a look again?

[atomic111]

@rndmh3ro it looks good from my point of view. great!!! any objection? otherwise i would merge it

[atomic111]

thanks @rndmh3ro, great work!!!