From 588628fe8c8939e9be94189b5dc2c0ec4584a6db Mon Sep 17 00:00:00 2001
From: Matt Willsher <matt@willsher.systems>
Date: Mon, 22 Dec 2014 09:41:44 +0000
Subject: [PATCH] Ubuntu default values

---
 vars/Ubuntu.yml | 38 ++++++++++++++++++++++++++++++++++++++
 1 file changed, 38 insertions(+)
 create mode 100644 vars/Ubuntu.yml

diff --git a/vars/Ubuntu.yml b/vars/Ubuntu.yml
new file mode 100644
index 0000000..d1fe928
--- /dev/null
+++ b/vars/Ubuntu.yml
@@ -0,0 +1,38 @@
+---
+sshd_service: ssh
+sshd_packages:
+  - openssh-server
+  - openssh-blacklist
+  - openssh-blacklist-extra
+  - openssh-sftp-server
+sshd_defaults:
+  Port: 22
+  Protocol: 2
+  HostKey: 
+    - /etc/ssh/ssh_host_rsa_key
+    - /etc/ssh/ssh_host_dsa_key
+    - /etc/ssh/ssh_host_ecdsa_key
+    - /etc/ssh/ssh_host_ed25519_key
+  UsePrivilegeSeperation: yes
+  KeyRegenerationInterval: 3600
+  ServerKeyBits: 1024
+  SyslogFacility: AUTH
+  LogLevel: INFO
+  LoginGraceTime: 120
+  PermitRootLogin: without-password
+  StrictModes: yes
+  RSAAuthentication: yes
+  PubkeyAuthentication: yes
+  IgnoreRhosts: yes
+  RhostsRSAAuthentication: no
+  HostbaseAuthentication: no
+  PermitEmptyPasswords: no
+  ChallengeResponseAuthentication: no
+  X11Forwarding: yes
+  X11DisplayOffset: 10
+  PrintMotd: no
+  PrintLastLog: yes
+  TCPKeepAlive: yes
+  AcceptEnv: LANG LC_*
+  Subsystem: sftp {{ sshd_sftp_server }}
+  UsePAM: yes