{"id":18663081,"url":"https://github.com/asapdotid/ansible-role-ssh","last_synced_at":"2026-04-13T17:03:09.829Z","repository":{"id":113710887,"uuid":"397507864","full_name":"asapdotid/ansible-role-ssh","owner":"asapdotid","description":"This ansible role setup SSH private key multiple user On Ubuntu, CentOS","archived":false,"fork":false,"pushed_at":"2024-09-08T02:41:46.000Z","size":61,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"main","last_synced_at":"2024-12-27T16:43:03.158Z","etag":null,"topics":["ansible","ansible-role","centos","debian","linux","ssh","ssh-key","ubuntu"],"latest_commit_sha":null,"homepage":"","language":"Jinja","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/asapdotid.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-08-18T07:13:17.000Z","updated_at":"2024-09-08T02:41:49.000Z","dependencies_parsed_at":null,"dependency_job_id":"6e0e717d-9e2e-47c5-aead-8fb1c7c281e8","html_url":"https://github.com/asapdotid/ansible-role-ssh","commit_stats":null,"previous_names":[],"tags_count":15,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/asapdotid%2Fansible-role-ssh","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/asapdotid%2Fansible-role-ssh/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/asapdotid%2Fansible-role-ssh/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/asapdotid%2Fansible-role-ssh/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/asapdotid","download_url":"https://codeload.github.com/asapdotid/ansible-role-ssh/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":239487305,"owners_count":19646984,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ansible","ansible-role","centos","debian","linux","ssh","ssh-key","ubuntu"],"created_at":"2024-11-07T08:14:58.709Z","updated_at":"2026-04-13T17:03:09.808Z","avatar_url":"https://github.com/asapdotid.png","language":"Jinja","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cp align=\"center\"\u003e \u003cimg src=\"https://user-images.githubusercontent.com/34257858/129839002-15e3f2c7-3f75-46d4-afae-0fd207d7fdde.png\" width=\"100\" height=\"100\"\u003e\u003c/p\u003e\n\n\u003ch1 align=\"center\"\u003e\n Ansible Role SSH\n\u003c/h1\u003e\n\n\u003cp align=\"center\" style=\"font-size: 1.2rem;\"\u003e\n This ansible role setup SSH On Ubuntu, CentOS.\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n\n\u003ca href=\"https://www.ansible.com\"\u003e\n \u003cimg src=\"https://img.shields.io/badge/Ansible-2.10-green?style=flat\u0026logo=ansible\" alt=\"Ansible\"\u003e\n\u003c/a\u003e\n\u003ca href=\"LICENSE.md\"\u003e\n \u003cimg src=\"https://img.shields.io/badge/License-MIT-blue.svg\" alt=\"Licence\"\u003e\n\u003c/a\u003e\n\u003ca href=\"https://ubuntu.com/\"\u003e\n \u003cimg src=\"https://img.shields.io/badge/ubuntu-20.x-orange?style=flat\u0026logo=ubuntu\" alt=\"Distribution\"\u003e\n\u003c/a\u003e\n\u003ca href=\"https://www.centos.org/\"\u003e\n \u003cimg src=\"https://img.shields.io/badge/CentOS-8-green?style=flat\u0026logo=centos\" alt=\"Distribution\"\u003e\n\u003c/a\u003e\n\n## Requirements (collections)\n\n- ansible.posix\n- ansible.crypto\n\n## Role Variables\n\n### SSH Hardening config\n\n| Variables Name | Default | Description |\n| ----------------------------- | ------- | ------------------------------------------------------------------- |\n| `ssh_secure_config` | `false` | Secure SSH config |\n| `ssh_port` | `22` | Secure SSH connection port |\n| `ssh_max_auth_tries` | `3` | Secure SSH limit the maximum number of authentication |\n| `ssh_login_grace_time` | `3` | Secure SSH login grace period |\n| `ssh_password_authentication` | `\"no\"` | Secure SSH connection password authentication |\n| `ssh_permit_root_login` | `\"yes\"` | Secure SSH connection root permissions |\n| `ssh_allow_users` | `[]` | Secure SSH user authentications based on username and/or IP address |\n| `ssh_allow_group_users` | `[]` | Secure SSH user authentications based on group user |\n| `ssh_usedns` | `\"no\"` | Secure SSH connection use dns |\n| `ssh_permit_empty_password` | `\"no\"` | Secure SSH connection with empety password |\n| `ssh_challenge_response_auth` | `\"no\"` | Secure SSH connection challege response auth |\n| `ssh_gss_api_authentication` | `\"no\"` | Secure SSH connection using GSSAPI to authenticate |\n| `ssh_x11_forwarding` | `\"no\"` | Secure SSH connection X11 forwarding working |\n| `ssh_allow_agent_forwarding` | `\"no\"` | Secure SSH simplify deploying to a server |\n| `ssh_allow_tcp_forwarding` | `\"no\"` | Secure SSH port forwarding |\n| `ssh_permit_tunnel` | `\"no\"` | Secure SSH Permit tunneling |\n| `ssh_permit_user_env` | `\"no\"` | Secure SSH set variables for remote commands |\n| `ssh_client_alive_interval` | `300` | Secure SSH sets a timeout interval |\n| `ssh_client_alive_count_max` | `3` | Secure SSH sets the number of server alive messages |\n\n### Set Banner\n\n| Name | Default | Description |\n| ---------------------------- | ---------- | -------------------------------- |\n| `ssh_custom_banner_org_text` | `asaplabs` | Secure SSH custom banner initial |\n\n### SSH config for users\n\n| Name | Default | Description |\n| ---------------- | ------- | --------------------------------------------------------------------------------------------------------------------------- |\n| `ssh_user_root` | `[]` | Setup SSH for root [sample](#example-playbook) |\n| `ssh_user_users` | `[]` | Setup multiple ssh directory with users [sample](#example-playbook) |\n| `ssh_key_type` | `\"rsa\"` | Setup ssh key types for root and users `rsa`, `dsa`, `ecda` and `ed25519`. |\n| `ssh_key_size` | `2048` | Setup ssh key size [doc](https://docs.ansible.com/ansible/latest/collections/community/crypto/openssh_keypair_module.html). |\n\n## Dependencies\n\nNone.\n\n\u003ch2 id=\"example-playbook\"\u003eExample Playbook\u003c/h2\u003e\n\nIncluding an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:\n\n### Auto generate SSH (private key and public key) setup with `manage_ssh_key: true`\n\n```yaml\n- hosts: servers\n vars:\n ssh_secure_config: true\n ssh_port: 2222 # custom ssh port\n ssh_permit_root_login: \"no\"\n ssh_allow_users:\n - asap\n ssh_user_root:\n - manage_ssh_key: true\n ssh_key_type: rsa\n ssh_key_size: 2048 # only for automatic generate ssh key\n authorized_keys: # not mandatory\n - key: \"{{ lookup('file', lookup('env','HOME') + '/.ssh/id_rsa.pub') }}\"\n state: present\n ssh_config_hosts:\n - name: github.com\n host: github.com\n user: git\n - name: gitlab.com\n host: gitlab.com\n user: git\n ssh_user_users:\n - name: vagrant\n manage_ssh_key: true\n ssh_key_type: rsa\n ssh_key_size: 2048 # only for automatic generate ssh key\n authorized_keys: # not mandatory\n - key: \"{{ lookup('file', lookup('env','HOME') + '/.ssh/id_rsa.pub') }}\"\n state: present\n ssh_config_hosts:\n - name: github.com\n host: github.com\n user: git\n - name: gitlab.com\n host: gitlab.com\n user: git\n\n roles:\n - { role: asapdotid.ssh }\n```\n\n### Custom setup SSH\n\n```yaml\n- hosts: servers\n vars:\n ssh_user_root:\n - manage_ssh_key: false\n ssh_key_type: rsa\n private_key: \"{{ lookup('file', lookup('env','HOME') + '/.ssh/id_rsa') }}\"\n public_key: \"{{ lookup('file', lookup('env','HOME') + '/.ssh/id_rsa.pub') }}\"\n authorized_keys: # not mandatory\n - key: \"{{ lookup('file', lookup('env','HOME') + '/.ssh/vps_rsa.pub') }}\"\n state: present\n ssh_config_hosts:\n - name: github.com\n host: github.com\n user: git\n - name: gitlab.com\n host: gitlab.com\n user: git\n ssh_user_users:\n - name: vagrant\n manage_ssh_key: false\n ssh_key_type: rsa\n private_key: \"{{ lookup('file', lookup('env','HOME') + '/.ssh/id_rsa') }}\"\n public_key: \"{{ lookup('file', lookup('env','HOME') + '/.ssh/id_rsa.pub') }}\"\n authorized_keys: # not mandatory\n - key: \"{{ lookup('file', lookup('env','HOME') + '/.ssh/vps_rsa.pub') }}\"\n state: present\n # get public keys form github account\n - key: \"{{ lookup('url', 'https://github.com/your_github_username.keys', split_lines=False) }}\"\n state: present\n ssh_config_hosts:\n - name: github.com\n host: github.com\n user: git\n - name: gitlab.com\n host: gitlab.com\n user: git\n\n roles:\n - { role: asapdotid.ssh }\n```\n\n## License\n\nMIT / BSD\n\n## Author Information\n\n[JogjaScript](https://jogjascript.com)\n\nThis role was created in 2021 by [Asapdotid](https://github.com/asapdotid).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fasapdotid%2Fansible-role-ssh","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fasapdotid%2Fansible-role-ssh","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fasapdotid%2Fansible-role-ssh/lists"}