Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/mikepruett3/ansible-role-sshd

Ansible role to configure SSH daemon on Linux Servers.
https://github.com/mikepruett3/ansible-role-sshd

Last synced: about 1 month ago
JSON representation

Ansible role to configure SSH daemon on Linux Servers.

Host: GitHub
URL: https://github.com/mikepruett3/ansible-role-sshd
Owner: mikepruett3
License: mit
Created: 2021-04-22T18:34:33.000Z (over 3 years ago)
Default Branch: master
Last Pushed: 2024-07-31T22:43:39.000Z (5 months ago)
Last Synced: 2024-08-02T01:51:13.429Z (5 months ago)
Language: Jinja
Size: 68.4 KB
Stars: 0
Watchers: 2
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

Ansible Role: SSHD
=========

Ansible role to configure SSH daemon on Linux Servers.

Requirements
------------

The role does not require anyting to run on RHEL and its derivatives.

Role Variables
--------------

Available variables are listed below, along with default values (see ```defaults/main.yml```):

``` yaml
password_authentication: "no"
public_key_authentication: "yes"
permit_root_login: "no"
permit_userenv: "no"

ssh_port: 22
use_dns: "no"
ignore_rhosts: "yes"

permit_empty_password: "no"
challenge_response_auth: "no"

gss_api_authentication: "no"
x11_forwarding: "no"

client_alive_int: "3600"
client_alive_max: "3"

login_grace_time: "1m"
max_auth_tries: "4"
max_sessions: "10"
max_startups: "10:30:100"

log_level: "VERBOSE"

banner_console: "/etc/issue"
banner_remote: "/etc/issue.net"
```

Additional (**Optional**) variable is **sshd_config**. This is used to restrict what groups of users can SSH into the server, via the **AllowGroups** configuration in the sshd_config file. This group can be either local or some other external group (like *LDAP/AD*). If this variable is not defined, then the default SSH config will allow any valid user to login via SSH.

``` yaml
sshd_config: mygroup
```

Role variables can be stored with the hosts.yaml file, or in the main variables file.

Dependencies
------------

None.

Example Playbook
----------------

``` yaml
- hosts: servers
roles:
- role: mikepruett3.sshd
```

Tags
----

The **groups** tag has been configured to allow for playbook reused when adding multiple groups to the SSH **AllowGroups** configuration.

``` yaml
- hosts: servers
roles:

- role: mikepruett3.sshd
vars:
sshd_config: my1stgroup

- role: mikepruett3.sshd
tags:
groups
vars:
sshd_config: my2ndgroup
```

License
-------

MIT

Author Information
------------------

Role created by [mikepruett3](https://github.com/mikepruett3) on [Github.com](https://github.com/mikepruett3/ansible-role-sshd)