{"id":21400266,"url":"https://github.com/oefenweb/ansible-ssh-client","last_synced_at":"2025-07-13T21:31:13.867Z","repository":{"id":33952236,"uuid":"37679713","full_name":"Oefenweb/ansible-ssh-client","owner":"Oefenweb","description":"Ansible role to set up an OpenSSH client in Debian-like systems","archived":false,"fork":false,"pushed_at":"2023-11-02T11:07:17.000Z","size":103,"stargazers_count":5,"open_issues_count":0,"forks_count":0,"subscribers_count":3,"default_branch":"master","last_synced_at":"2023-11-02T11:37:45.305Z","etag":null,"topics":["ansible","client","debian","rsa","ssh","ssh-client","ubuntu"],"latest_commit_sha":null,"homepage":"","language":"Jinja","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Oefenweb.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2015-06-18T19:18:45.000Z","updated_at":"2023-01-15T06:45:30.000Z","dependencies_parsed_at":"2023-01-15T03:34:04.693Z","dependency_job_id":"e6cd4c09-4fef-42a1-be69-2fabad77da5e","html_url":"https://github.com/Oefenweb/ansible-ssh-client","commit_stats":null,"previous_names":[],"tags_count":52,"template":null,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Oefenweb%2Fansible-ssh-client","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Oefenweb%2Fansible-ssh-client/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Oefenweb%2Fansible-ssh-client/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Oefenweb%2Fansible-ssh-client/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Oefenweb","download_url":"https://codeload.github.com/Oefenweb/ansible-ssh-client/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":225917733,"owners_count":17544942,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ansible","client","debian","rsa","ssh","ssh-client","ubuntu"],"created_at":"2024-11-22T15:20:28.542Z","updated_at":"2024-11-22T15:20:29.104Z","avatar_url":"https://github.com/Oefenweb.png","language":"Jinja","readme":"## ssh-client\n\n[![CI](https://github.com/Oefenweb/ansible-ssh-client/workflows/CI/badge.svg)](https://github.com/Oefenweb/ansible-ssh-client/actions?query=workflow%3ACI)\n[![Ansible Galaxy](http://img.shields.io/badge/ansible--galaxy-ssh--client-blue.svg)](https://galaxy.ansible.com/Oefenweb/ssh_client)\n\nSet up an OpenSSH client in Debian-like systems.\n\n#### Requirements\n\nNone\n\n#### Variables\n\n* `ssh_client_install`: [default: `[]`]: Additional packages to install\n\n* `ssh_client_configurations`: [default: `ssh_client_default_configuration`, see `vars/main.yml`]: Configuration declaration(s)\n* `ssh_client_configurations.{n}.dest`: [required]: The remote path of the configuration file (e.g. `/etc/ssh/ssh_config`, `~cacti/.ssh/config`)\n* `ssh_client_configurations.{n}.owner`: [default: `root`]: The name of the user that should own the file\n* `ssh_client_configurations.{n}.group`: [default: `owner`, `root`]: The name of the group that should own the file\n* `ssh_client_configurations.{n}.hosts`: [default: `[]`]: Host declaration(s)\n* `ssh_client_configurations.{n}.hosts.{n}.pattern`: [required]: Pattern to match hosts (e.g. `*`, `['*.co.uk', '192.168.0.?']`)\n* `ssh_client_configurations.{n}.hosts.{n}.host_name`: [optional]: Specifies the real host name to log into. This can be used to specify nicknames or abbreviations for hosts\n* `ssh_client_configurations.{n}.hosts.{n}.forward_agent`: [optional]: Specifies whether the connection to the authentication agent (if any) will be forwarded to the remote machine\n* `ssh_client_configurations.{n}.hosts.{n}.forward_x11`: [optional]: Specifies whether X11 connections will be automatically redirected over the secure channel and DISPLAY set\n* `ssh_client_configurations.{n}.hosts.{n}.forward_x11_trusted`: [optional]: If this option is set to `true`, remote X11 clients will have full access to the original X11 display\n* `ssh_client_configurations.{n}.hosts.{n}.rhosts_rsa_authentication`: [optional]: Specifies whether to try rhosts based authentication with RSA host authentication\n* `ssh_client_configurations.{n}.hosts.{n}.rsa_authentication`: [optional]: Specifies whether to try RSA authentication\n* `ssh_client_configurations.{n}.hosts.{n}.password_authentication`: [optional]: Specifies whether to use password authentication\n* `ssh_client_configurations.{n}.hosts.{n}.hostbased_authentication`: [optional]: Specifies whether to try rhosts based authentication with public key authentication\n* `ssh_client_configurations.{n}.hosts.{n}.gssapi_authentication`: [optional]: Specifies whether user authentication based on GSSAPI is allowed\n* `ssh_client_configurations.{n}.hosts.{n}.gssapi_delegate_credentials`: [optional]: Forward (delegate) credentials to the server\n* `ssh_client_configurations.{n}.hosts.{n}.gssapi_key_exchange`: [optional]: Specifies whether key exchange based on GSSAPI may be used. When using GSSAPI key exchange the server need not have a host key\n* `ssh_client_configurations.{n}.hosts.{n}.gssapi_trust_dns`: [optional]: Set to `true` to indicate that the DNS is trusted to securely canonicalize the name of the host being connected to. If `false`, the hostname entered on the command line will be passed untouched to the GSSAPI library\n* `ssh_client_configurations.{n}.hosts.{n}.batch_mode`: [optional]: If set to `true`, passphrase/password querying will be disabled\n* `ssh_client_configurations.{n}.hosts.{n}.check_host_ip`: [optional]: If this flag is set to `true`, `ssh` will additionally check the host IP address in the known_hosts file\n* `ssh_client_configurations.{n}.hosts.{n}.address_family`: [optional]: Specifies which address family to use when connecting. Valid arguments are `any`, `inet` (use IPv4 only), or `inet6` (use IPv6 only)\n* `ssh_client_configurations.{n}.hosts.{n}.connect_timeout`: [optional]: Specifies the timeout (in seconds) used when connecting to the SSH server, instead of using the default system TCP timeout\n* `ssh_client_configurations.{n}.hosts.{n}.strict_host_key_checking`: [optional]: If this flag is set to `true`, `ssh` will never automatically add host keys to the `~/.ssh/known_hosts` file, and refuses to connect to hosts whose host key has changed\n* `ssh_client_configurations.{n}.hosts.{n}.identity_file`: [optional]: Specifies a file from which the user’s RSA or DSA authentication identity is read. It is possible to have multiple identity files specified in configuration files; all these identities will be tried in sequence (e.g. `['~/.ssh/identity', '~/.ssh/id_rsa', '~/.ssh/id_dsa']`)\n* `ssh_client_configurations.{n}.hosts.{n}.port`: [optional]: Specifies the port number to connect on the remote host\n* `ssh_client_configurations.{n}.hosts.{n}.protocol`: [optional]: Specifies the protocol versions ssh(1) should support in order of preference (e.g. `[2, 1]`)\n* `ssh_client_configurations.{n}.hosts.{n}.cipher`: [optional]: Specifies the cipher to use for encrypting the session in protocol version 1 (e.g. `3des`)\n* `ssh_client_configurations.{n}.hosts.{n}.ciphers`: [optional]: Specifies the ciphers allowed for protocol version 2 in order of preference (e.g. `[aes128-ctr, aes192-ctr, aes256-ctr, arcfour256, arcfour128, aes128-cbc, 3des-cbc]`)\n* `ssh_client_configurations.{n}.hosts.{n}.macs`: [optional]: Specifies the MAC (message authentication code) algorithms in order of preference (e.g. `[hmac-md5, hmac-sha1, umac-64@openssh.com, hmac-ripemd160]`)\n* `ssh_client_configurations.{n}.hosts.{n}.escape_char`: [optional]: Sets the escape character (e.g. `~`)\n* `ssh_client_configurations.{n}.hosts.{n}.tunnel`: [optional]: Request `tun` device forwarding between the client and the server\n* `ssh_client_configurations.{n}.hosts.{n}.tunnel_device`: [optional]: Specifies the `tun` devices to open on the client (local_tun) and the server\n* `ssh_client_configurations.{n}.hosts.{n}.permit_local_command`: [optional]: Allow local command execution via the `LocalCommand` option or using the `!command` escape sequence in `ssh`\n* `ssh_client_configurations.{n}.hosts.{n}.visual_host_key`: [optional]: If this flag is set to `yes`, an ASCII art representation of the remote host key fingerprint is printed in addition to the hex fingerprint string at login and for unknown host keys\n* `ssh_client_configurations.{n}.hosts.{n}.proxy_command`: [optional]: Specifies the command to use to connect to the server\n* `ssh_client_configurations.{n}.hosts.{n}.rekey_limit`: [optional]: Specifies the maximum amount of data that may be transmitted before the session key is renegotiated\n* `ssh_client_configurations.{n}.hosts.{n}.send_env`: [optional]: Specifies what variables from the local `environ` should be sent to the server\n* `ssh_client_configurations.{n}.hosts.{n}.global_known_hosts_file`: [optional]: Specifies one or more files to use for the global host key database, list of files\n* `ssh_client_configurations.{n}.hosts.{n}.user_known_hosts_file`: [optional]: Specifies one or more files to use for the user host key database, list of files\n* `ssh_client_configurations.{n}.hosts.{n}.hash_known_hosts`: [optional]: Indicates that `ssh` should hash host names and addresses when they are added to `~/.ssh/known_hosts`\n* `ssh_client_configurations.{n}.hosts.{n}.compression`: [optional]: Specifies whether to use compression\n* `ssh_client_configurations.{n}.hosts.{n}.compression_level`: [optional]: Specifies the compression level to use if compression is enabled\n* `ssh_client_configurations.{n}.hosts.{n}.control_master`: [optional]: Enables the sharing of multiple sessions over a single network connection (e.g. `'yes'`, `'no'`, `'ask'`, `'auto'`)\n* `ssh_client_configurations.{n}.hosts.{n}.control_path`: [optional]: Specify the path to the control socket used for connection sharing as described in the `ControlMaster` section above or the string `none` to disable connection sharing (e.g. `~/.ssh/control-master/%r@%h:%p`)\n* `ssh_client_configurations.{n}.hosts.{n}.control_persist`: [optional]: When used in conjunction with `ControlMaster`, specifies that the master connection should remain open in the background (waiting for future client connections) after the initial client connection has been closed (e.g. `'no'`, `'yes'`, `'60m'`)\n* `ssh_client_configurations.{n}.hosts.{n}.use_roaming`: [optional]:\n\n## Dependencies\n\nNone\n\n#### Example\n\n```yaml\n---\n- hosts: all\n  roles:\n    - oefenweb.ssh-client\n  vars:\n    ssh_client_custom_configurations:\n      - dest: '~cacti/.ssh/config'\n        owner: cacti\n        hosts:\n          - pattern: ['*']\n            control_master: 'auto'\n            control_path: '~/.ssh/control-master/%r@%h:%p'\n            control_persist: '60m'\n      - dest: '~vagrant/.ssh/config'\n        owner: vagrant\n        hosts:\n          - pattern: ['bitbucket-repo-1']\n            host_name: bitbucket.org\n            identity_file:\n              - '~/.ssh/bitbucket-repo-1'\n          - pattern: ['bitbucket-repo-2']\n            host_name: bitbucket.org\n            identity_file:\n              - '~/.ssh/bitbucket-repo-2'\n    ssh_client_configurations: \"{{ ssh_client_default_configuration + ssh_client_custom_configurations }}\"\n```\n\n#### License\n\nMIT\n\n#### Author Information\n\nMischa ter Smitten\n\n#### Feedback, bug-reports, requests, ...\n\nAre [welcome](https://github.com/Oefenweb/ansible-ssh-client/issues)!\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Foefenweb%2Fansible-ssh-client","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Foefenweb%2Fansible-ssh-client","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Foefenweb%2Fansible-ssh-client/lists"}