Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/ricsanfre/ansible-role-security
Security Hardening tasks on Linux hosts
https://github.com/ricsanfre/ansible-role-security
ansible-role security ssh ssh-config
Last synced: 16 days ago
JSON representation
Security Hardening tasks on Linux hosts
- Host: GitHub
- URL: https://github.com/ricsanfre/ansible-role-security
- Owner: ricsanfre
- Created: 2021-09-13T17:17:41.000Z (over 3 years ago)
- Default Branch: master
- Last Pushed: 2021-09-24T10:45:11.000Z (over 3 years ago)
- Last Synced: 2024-11-27T21:41:21.615Z (3 months ago)
- Topics: ansible-role, security, ssh, ssh-config
- Homepage: https://galaxy.ansible.com/ricsanfre/security
- Size: 4.88 KB
- Stars: 1
- Watchers: 1
- Forks: 1
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
Ansible Role: Security
=========
[](https://github.com/ricsanfre/ansible-role-security/actions/workflows/ci.yml)
Security hardening tasks on Linux.
- SSH access hardening
Requirements
------------
None.
Role Variables
--------------
Available variables are listed below along with default values (see `defaults\main.yaml`)
Security SSH security hardened settings disable the login/password access (only access through SSH keys are allowed), disable root login and others.
security_ssh_password_authentication: "no"
security_ssh_permit_root_login: "no"
security_ssh_usedns: "no"
security_ssh_permit_empty_password: "no"
security_ssh_challenge_response_auth: "no"
security_ssh_gss_api_authentication: "no"
security_ssh_x11_forwarding: "no"
Dependencies
------------
None
Example Playbooks
-----------------
### Apply default rules
Install and configure a firewall on a host with default rules
```yml
- hosts: server
roles:
- ricsanfre.security
```