ansible_ssh_hardening_fallback
ssh-hardening-fallback (Ansible role)
(Still in alpha stage. Not ready for production!)
Description
Idempotent wrapper to role dev-sec.ssh-hardening with automatic fallback to default port 22.
TODO
- Make fallback code more resilient
- Proper tests (Molecule?)
- Submit to Galaxy
Requirements
Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required.
Role Variables
No specific variables. But it does use inventory variable ansible_port
. Also, being a wrapper to dev-sec.ssh-hardening
, all variables relevant to that role will be applied. Please refer to its documentation for more details.
Dependencies
It calls role dev-sec.ssh-hardening
. When using this role, variable ssh_server_ports
is not available since it will always be overwritten with the inventory variable ansible_port
.
Example Playbook
- hosts: servers
roles:
- role: nununo.ssh-hardening-fallback
License
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Author Information
- Author: Nuno Godinho
- Inspired by this post by: David Moreau Simard
Idempotent wrapper to dev-sec.ssh-hardening with automatic fallback to default port 22.
ansible-galaxy install nununo/ansible-ssh-hardening-fallback