ansible/ansible_role_sshd
1
0
Fork 0
mirror of https://github.com/roles-ansible/ansible_role_sshd.git synced 2024-08-16 11:59:49 +02:00
Code Issues Releases Activity

start rewrite default variables

Browse source
This commit is contained in:
Lilian Roller 2020-03-17 15:25:04 +01:00
parent e0f2186260
commit f582a80797
No known key found for this signature in database
GPG key ID: 5215C3441797AB2B
2 changed files with 49 additions and 30 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

68
defaults/main.yml
View file

@ -1,33 +1,45 @@
---
# set the ssh port
ssh_port: 22
sshd:
# set the ssh server port
port: 22
# ssh password authorisatuin (not recomended)
password_authentication: false
# should we disable not selected ssh key types?
manage_key_types: true
# choose ssh server allowed key types
key_types:
- ed25519
# - rsa
# - ecdsa
# - dsa # (do not use!)
# default users for SSH access
sshd_default_allowed_users:
- "root"
- "ansible"
# don't forget to add the ssh_access group!
sshd_default_allowed_groups:
- "root"
- "admins"
# Enable AllowUsers and AllowGroups options
restrict_allow_users: True
## default users for SSH access
#sshd_default_allowed_users:
# - "root"
# - "ansible"
#
## don't forget to add the ssh_access group!
#sshd_default_allowed_groups:
# - "root"
# - "admins"
##
## Enable AllowUsers and AllowGroups options
#restrict_allow_users: True
#
### Forcing only ed25519 SSH keys
#only_allow_ed25519: true
#
## Allow login with password?
#
### Allow optional cryptho methods (NOT RECOMENDED)
#generate_ecdsa_too: false
#use_diffie_hellman_group_exchange_sha256: false
#u#se_aes256_ctr: false
#u#se_hmac_sha2_512: false
###
#do_not_delete_legacy_ssh_keys: true
# Forcing only ed25519 SSH keys
only_allow_ed25519: true
# Allow login with password?
sshd_password_authentication: 'no' # 'yes' or 'no'
# Allow optional cryptho methods (NOT RECOMENDED)
generate_ecdsa_too: false
use_diffie_hellman_group_exchange_sha256: false
use_aes256_ctr: false
use_hmac_sha2_512: false
do_not_delete_legacy_ssh_keys: true
# version check for this role?
submodules_versioncheck: true
# perform simple version check for this role? (true is recomended)
submodules_versioncheck: false

9
vars/main.yml
View file

@ -1,3 +1,10 @@
---
playbook_version_number: 2058 # should be over ninethousand
_sshd:
port: 22
password_authentication: false
manage_key_types: true
key_types:
- ed25519
playbook_version_number: 2060 # should be over ninethousand
playbook_version_path: 'role-sshd_chaos-bodensee_github.com.version'