reallyenglish.sshd

ansible-role-sshd

Set up SSH daemon (sshd).

Requirements

No requirements.

Role Variables

Variable	Description	Default
`sshd_user`	User name for `sshd`	`sshd`
`sshd_group`	Group name for `sshd`	`{{ __sshd_group }}`
`sshd_service`	Service name for `sshd`	`{{ __sshd_service }}`
`sshd_conf_dir`	Directory for `sshd` configuration files	`{{ __sshd_conf_dir }}`
`sshd_conf`	Path to `sshd_config` file	`{{ sshd_conf_dir }}/sshd_config`
`sshd_sftp_server`	Path to SFTP server	`{{ __sshd_sftp_server }}`
`sshd_config`	Configuration settings for `sshd`	`{"PermitRootLogin"=>"without-password", "PasswordAuthentication"=>"no", "UseDNS"=>"no", "UsePAM"=>"no", "Subsystem"=>"sftp {{ sshd_sftp_server }}"}`
`sshd_config_pre`	Additional settings before main configuration	`""`
`sshd_config_post`	Additional settings after main configuration	`""`
`sshd_config_match`	List of conditions for `Match` blocks	`[]`

`ssh_config_match`

This variable creates Match blocks based on conditions.

Key	Value
`condition`	Condition for the `Match`
`keyword`	Directives and their values

Example:

sshd_config_match:
  - condition: User foo
    keyword:
      X11Forwarding: "yes"

Creates a block like:

Match User foo
  X11Forwarding yes

Debian

Variable	Default
`__sshd_group`	`ssh`
`__sshd_conf_dir`	`/etc/ssh`
`__sshd_sftp_server`	`/usr/lib/sftp-server`
`__sshd_service`	`ssh`

FreeBSD

Variable	Default
`__sshd_group`	`sshd`
`__sshd_conf_dir`	`/etc/ssh`
`__sshd_sftp_server`	`/usr/libexec/sftp-server`
`__sshd_service`	`sshd`

OpenBSD

Variable	Default
`__sshd_group`	`sshd`
`__sshd_conf_dir`	`/etc/ssh`
`__sshd_sftp_server`	`/usr/libexec/sftp-server`
`__sshd_service`	`sshd`

RedHat

Variable	Default
`__sshd_group`	`ssh`
`__sshd_conf_dir`	`/etc/ssh`
`__sshd_sftp_server`	`/usr/lib/sftp-server`
`__sshd_service`	`sshd.service`

Dependencies

No dependencies.

Example Playbook

- hosts: localhost
  roles:
    - ansible-role-sshd
  vars:
    sshd_config:
      PermitRootLogin: without-password
      PasswordAuthentication: "no"
      Port: 22
      UseDNS: "no"
      UsePAM: "no"
      Subsystem: "sftp {{ sshd_sftp_server }}"
    sshd_config_match:
      - condition: User foo
        keyword:
          X11Forwarding: "yes"
      - condition: User bar
        keyword:
          X11Forwarding: "no"
    sshd_config_pre: |
      Port 2022
    sshd_config_post: |
      Match Address 192.168.1.1
        PasswordAuthentication yes

License

Copyright (c) 2016 Tomoyuki Sakurai <[email protected]>

You can use, copy, change, and share this software for any purpose. Just keep the copyright notice above.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT ANY WARRANTIES. The author is not responsible for any issues caused by using this software.

Author Information

Tomoyuki Sakurai tomoyukis@reallyenglish.com

This README was created by ansible-role-init.

Informazioni sul progetto

Configures sshd

role DNS

Installa

ansible-galaxy install reallyenglish.sshd

GitHub repository

1 stelle

2 fork

0 problemi aperti

Licenza

isc

Download

10.1k

Proprietario

EdulinX