From 0d10fb9a399d544100e40fb6239e0ebf50704b61 Mon Sep 17 00:00:00 2001 From: Matt Willsher Date: Sun, 4 Jan 2015 12:55:34 +0000 Subject: [PATCH 1/2] Remove unneccasery match --- vars/Debian.yml | 3 --- 1 file changed, 3 deletions(-) diff --git a/vars/Debian.yml b/vars/Debian.yml index 40034e7..ea81b4c 100644 --- a/vars/Debian.yml +++ b/vars/Debian.yml @@ -36,6 +36,3 @@ sshd_defaults: AcceptEnv: LANG LC_* Subsystem: "sftp {{ sshd_sftp_server }}" UsePAM: yes - Match: - - Condition: User vagrant - MaxSessions: 10 From fd476f0c082c361b5907ce83df1e084ee345b714 Mon Sep 17 00:00:00 2001 From: Matt Willsher Date: Sun, 4 Jan 2015 13:36:33 +0000 Subject: [PATCH 2/2] Add Debian 8/Jessie defaults --- vars/Debian_8.yml | 39 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) create mode 100644 vars/Debian_8.yml diff --git a/vars/Debian_8.yml b/vars/Debian_8.yml new file mode 100644 index 0000000..1478b25 --- /dev/null +++ b/vars/Debian_8.yml @@ -0,0 +1,39 @@ +--- +sshd_service: ssh +sshd_packages: + - openssh-server + - openssh-blacklist + - openssh-blacklist-extra + - openssh-sftp-server +sshd_config_mode: "0644" +sshd_defaults: + Port: 22 + Protocol: 2 + HostKey: + - /etc/ssh/ssh_host_rsa_key + - /etc/ssh/ssh_host_dsa_key + - /etc/ssh/ssh_host_ecdsa_key + - /etc/ssh/ssh_host_ed25519_key + UsePrivilegeSeparation: yes + KeyRegenerationInterval: 3600 + ServerKeyBits: 1024 + SyslogFacility: AUTH + LogLevel: INFO + LoginGraceTime: 120 + PermitRootLogin: without-password + StrictModes: yes + RSAAuthentication: yes + PubkeyAuthentication: yes + IgnoreRhosts: yes + RhostsRSAAuthentication: no + HostbasedAuthentication: no + PermitEmptyPasswords: no + ChallengeResponseAuthentication: no + X11Forwarding: yes + X11DisplayOffset: 10 + PrintMotd: no + PrintLastLog: yes + TCPKeepAlive: yes + AcceptEnv: LANG LC_* + Subsystem: "sftp {{ sshd_sftp_server }}" + UsePAM: yes