1
0
Fork 0
mirror of https://github.com/roles-ansible/ansible_role_sshd.git synced 2024-08-16 11:59:49 +02:00

improve docs

This commit is contained in:
L3D 2021-03-13 23:03:31 +01:00 committed by GitHub
parent 4700d0c3c1
commit ae10b5ec5f
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -20,12 +20,12 @@ The following roles are tested in combination and work well - at least for the u
------------------------------ ------------------------------
**Remember:** Have a look into ``defaults/main.yml`` for all possible variables. **Remember:** Have a look into ``defaults/main.yml`` for all possible variables.
+ **SSH Port** + **SSH Port**<br/>
The OpenSSH Port is defined with the variable ``sshd__port: 22``. Change it if you wish. The OpenSSH Port is defined with the variable ``sshd__port: 22``. Change it if you wish.
+ **Allowed Users and Groups** + **Allowed Users and Groups**<br/>
The default users that are allowd to login come from the ``users: {}`` list. The default users that are allowd to login come from the ``users: {}`` list.<br/>
The same ``users: {}`` variable is used in the other recomended ssh roles. The same ``users: {}`` variable is used in the other recomended ssh roles.<br/>
A example to allow the login for the users and groups called ``l3d`` and ``ottojo`` are: A example to allow the login for the users and groups called ``l3d`` and ``ottojo`` are:
``` ```
users: users:
@ -36,14 +36,14 @@ users:
- ottojo@home - ottojo@home
``` ```
+ **SSH Login via Passwort** + **SSH Login via Passwort**<br/>
The SSH Passwort auth is set to false via ``sshd__password_authentication: false``. This won't allow you to use your passwort to login via SSH. The SSH Passwort auth is set to false via ``sshd__password_authentication: false``. This won't allow you to use your passwort to login via SSH.
+ **Manage SSH Key Types** + **Manage SSH Key Types**<br/>
By default this role configure which ssh key types are allowed to login. If you don't want to define that change the ``sshd__manage_key_types: true`` variable. By default this role configure which ssh key types are allowed to login. If you don't want to define that change the ``sshd__manage_key_types: true`` variable.
+ **Define allowed ssh key types** + **Define allowed ssh key types**<br/>
The allowed SSH Key Types are defined with this list. Some of them are commented out. The allowed SSH Key Types are defined with this list. Some of them are commented out.<br/>
Please not that by defualt only ``ed25519`` keys are allowed. Keep that in mind if you are using a rsa key. Please not that by defualt only ``ed25519`` keys are allowed. Keep that in mind if you are using a rsa key.
``` ```
sshd__key_types: sshd__key_types:
@ -53,11 +53,11 @@ users:
# - 'dsa' # (do not use!) # - 'dsa' # (do not use!)
``` ```
+ **Advanced SSH Algorithm Settings** + **Advanced SSH Algorithm Settings**<br/>
You can define the used Key and Key Algorithm here to. For the default values and some examples for the variables ``sshd__key_algorithmus`` and ``sshd__kex_algorithmus`` have a look into ``defaults/main.yml``. You can define the used Key and Key Algorithm here to. For the default values and some examples for the variables ``sshd__key_algorithmus`` and ``sshd__kex_algorithmus`` have a look into ``defaults/main.yml``.
+ **force new SSH Features** + **force new SSH Features**<br/>
If you know that you use a ssh version ``>8`` you can optionally define it with ``true/false`` with the ``sshd__version_is_above_eight`` variable. If you know that you use a ssh version ``>8`` you can optionally define it with ``true/false`` with the ``sshd__version_is_above_eight`` variable.
Files Files