An open API service indexing awesome lists of open source software.

https://github.com/carlossemeao/ansible-control-node

Ansible control node with hardened SSH, Tailscale VPN, and key-only remote access
https://github.com/carlossemeao/ansible-control-node

access-control ansible automation devsecops hardened linux node ssh tailscale vpn

Last synced: about 2 months ago
JSON representation

Ansible control node with hardened SSH, Tailscale VPN, and key-only remote access

Awesome Lists containing this project

README

          

# Ansible - Hardened SSH / Remote Access Automation

SSH
Tailscale
System lockdown

---

## Remote SSH Access via Tailscale

Password login disabled
Custom SSH port
Key access
Device control
Root login disabled
fail2ban active
Logs synced
SSH logs

---

## Tools

- **Tailscale** – VPN
- **OpenSSH (ED25519)** – hardened authentication
- **macOS + Fedora** – dev and control environment

---

## Ansible

- Creation of a secure user: `sysops`
- SSH key setup for MacBook login
- SSH daemon hardening (`sshd_config`)
- Safe restart of SSH service using `systemctl`
- Backup of original SSH configuration

---

## Project Matters

Remote sysadmin and IaaC workflow
Onboarding for secure users
Replicable across systems, cloud instances and physical machines

---

## End Devices (Tailscale)

- **MacOS** (admin terminal)
- **Fedora** (Ansible control)
- **Phone** (remote client w/ key authentication)