adambirds.configure-sshd
ansible-role-sshd
This role sets up the SSH daemon (sshd).
Requirements
There are no special requirements.
Role Variables
| Variable | Description | Default Value |
|---|---|---|
sshd_user |
Username for sshd |
sshd |
sshd_group |
Group name for sshd |
{{ __sshd_group }} |
sshd_service |
Service name for sshd |
{{ __sshd_service }} |
sshd_conf_dir |
Directory for sshd configuration files |
{{ __sshd_conf_dir }} |
sshd_conf |
Path to the SSH configuration file | {{ sshd_conf_dir }}/sshd_config |
sshd_sftp_server |
Path to the SFTP server | {{ __sshd_sftp_server }} |
sshd_config |
Configuration settings for sshd |
{"PermitRootLogin"=>"without-password", "PasswordAuthentication"=>"no", "UseDNS"=>"no", "UsePAM"=>"no", "Subsystem"=>"sftp {{ sshd_sftp_server }}"} |
sshd_config_pre |
Settings before the main sshd_config |
"" |
sshd_config_post |
Settings after the main sshd_config |
"" |
sshd_config_match |
List of conditions for specific configurations | [] |
ssh_config_match
This variable creates specific Match blocks.
| Key | Value |
|---|---|
condition |
Condition for the Match block |
keyword |
Dictionary of settings and their values |
Example:
sshd_config_match:
- condition: User foo
keyword:
X11Forwarding: "yes"
This generates:
Match User foo
X11Forwarding yes
Defaults for Different Systems
Debian
| Variable | Default Value |
|---|---|
__sshd_group |
ssh |
__sshd_conf_dir |
/etc/ssh |
__sshd_sftp_server |
/usr/lib/sftp-server |
__sshd_service |
ssh |
FreeBSD
| Variable | Default Value |
|---|---|
__sshd_group |
sshd |
__sshd_conf_dir |
/etc/ssh |
__sshd_sftp_server |
/usr/libexec/sftp-server |
__sshd_service |
sshd |
OpenBSD
| Variable | Default Value |
|---|---|
__sshd_group |
sshd |
__sshd_conf_dir |
/etc/ssh |
__sshd_sftp_server |
/usr/libexec/sftp-server |
__sshd_service |
sshd |
RedHat
| Variable | Default Value |
|---|---|
__sshd_group |
ssh |
__sshd_conf_dir |
/etc/ssh |
__sshd_sftp_server |
/usr/lib/sftp-server |
__sshd_service |
sshd.service |
Dependencies
There are no dependencies.
Example Playbook
- hosts: localhost
roles:
- ansible-role-sshd
vars:
sshd_config:
PermitRootLogin: without-password
PasswordAuthentication: "no"
Port: 22
UseDNS: "no"
UsePAM: "no"
Subsystem: "sftp {{ sshd_sftp_server }}"
sshd_config_match:
- condition: User foo
keyword:
X11Forwarding: "yes"
- condition: User bar
keyword:
X11Forwarding: "no"
sshd_config_pre: |
Port 2022
sshd_config_post: |
Match Address 192.168.1.1
PasswordAuthentication yes
License
Copyright (c) 2016 Tomoyuki Sakurai <[email protected]>
You can use, copy, modify, and share this software for any purpose, free of charge, as long as you include the copyright notice above.
THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTIES OF ANY KIND. THE AUTHOR IS NOT LIABLE FOR ANY DAMAGES RESULTING FROM THE USE OF THIS SOFTWARE.
Author Information
Tomoyuki Sakurai tomoyukis@reallyenglish.com
This README was created using ansible-role-init.
Installa
ansible-galaxy install adambirds.configure-sshdLicenza
isc
Download
84
Proprietario
I am a Python and TypeScript Developer. Currently studying for a Computing & IT (Software) degree.
Owner of @adb-web-designs and @VastDesk.