https://github.com/mvladislav/ansible-ssh

ansible-role to setup ssh-service as defined by mozilla :: https://infosec.mozilla.org/guidelines/openssh.html
https://github.com/mvladislav/ansible-ssh

ansible-role linux ssh ssh-hardening ssh-security ubuntu

Last synced: 9 months ago
JSON representation

ansible-role to setup ssh-service as defined by mozilla :: https://infosec.mozilla.org/guidelines/openssh.html

• Host: GitHub
• URL: https://github.com/mvladislav/ansible-ssh
• Owner: MVladislav
• License: mit
• Created: 2021-07-07T02:11:55.000Z (almost 5 years ago)
• Default Branch: main
• Last Pushed: 2024-07-26T22:41:16.000Z (almost 2 years ago)
• Last Synced: 2024-11-17T03:05:40.014Z (over 1 year ago)
• Topics: ansible-role, linux, ssh, ssh-hardening, ssh-security, ubuntu
• Language: Jinja
• Homepage:
• Size: 84 KB
• Stars: 0
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • Security: SECURITY.md

Awesome Lists containing this project

README

          
# SSH

> [!IMPORTANT]  

> Project is **Archive** and moved into ****

---

[![Ansible Lint](https://github.com/MVladislav/ansible-ssh/actions/workflows/ansible-lint.yml/badge.svg)](https://github.com/MVladislav/ansible-ssh/actions/workflows/ansible-lint.yml)

[![Ansible Molecule Test](https://github.com/MVladislav/ansible-ssh/actions/workflows/ci.yml/badge.svg)](https://github.com/MVladislav/ansible-ssh/actions/workflows/ci.yml)

- [SSH](#ssh)

  - [Role Variables](#role-variables)

  - [Dependencies](#dependencies)

  - [Example Playbook](#example-playbook)

  - [License](#license)

  - [OTHER](#other)

    - [deprecation remove](#deprecation-remove)

---

You can checkout [MVladislav - ansible-env-setup - playbooks](https://github.com/MVladislav/ansible-env-setup/tree/main/playbooks) for how i use it in general.

Tested with:

- Ubuntu 23.04

## Role Variables

```yml

clients:

  - name: "{{ ansible_user }}"

ssh_only_client_setup: false

```

## Dependencies

Developed and testes with Ansible 2.14.4

## Example Playbook

```yml

- hosts: servers

  roles:

    - role: ansible-ssh

      clients:

        - name: "{{ ansible_user }}"

      ssh_only_client_setup: false

```

## License

MIT

## OTHER

### deprecation remove

```sh

sed -i '/KeyRegenerationInterval/d' /etc/ssh/sshd_config

sed -i '/ServerKeyBits/d' /etc/ssh/sshd_config

sed -i '/RSAAuthentication/d' /etc/ssh/sshd_config

sed -i '/RhostsRSAAuthentication/d' /etc/ssh/sshd_config

sed -i '/UsePrivilegeSeparation/d' /etc/ssh/sshd_config

```