rkhunter-ansible-role

This is an Ansible role for installing and setting up Rootkit Hunter, a tool that checks for rootkits and other potential vulnerabilities on your server.

Requirements

• Supported Operating Systems:
  • CentOS/RHEL 7
  • Debian Stretch
• Ansible Version: Must be 2.0 or higher.

Installation

To install the rkhunter-ansible-role, run:

$ ansible-galaxy install zaxos.rkhunter-ansible-role

Example Playbook

You can use the role in your playbook like this:

    - hosts: servers
      roles:
        - role: zaxos.rkhunter-ansible-role

Role Variables

Here are some important variables you may want to customize:

• rkhunter_report_mail_address: Sets the email address for reports, default is "root@localhost".

• rkhunter_diag_scan: Default is "no". Change to "yes" for a detailed scan that includes checking applications, or keep it "no" for a regular report scan.

• rkhunter_allow_ssh_protocol_v1: Default is 0 (SSH-1 is not allowed). Change to 1 to allow SSH-1. If no "Protocol" is set in the SSH config file, set it to 2 here to avoid warning messages.

• rkhunter_allow_ssh_root_login: Default is "no". This checks the SSH setting PermitRootLogin. If there's a mismatch, you'll see a warning. You can use "unset" here to avoid warnings if the SSH config hasn't set a value.