mirror of
https://github.com/willshersystems/ansible-sshd
synced 2024-11-25 20:40:18 +01:00
Merge pull request #89 from tterranigma/systemd
Adds ability to install a systemd service
This commit is contained in:
commit
b431459b45
26 changed files with 284 additions and 138 deletions
65
README.md
65
README.md
|
@ -44,25 +44,40 @@ Role variables
|
|||
Unconfigured, this role will provide a sshd_config that matches the OS default,
|
||||
minus the comments and in a different order.
|
||||
|
||||
* sshd_skip_defaults
|
||||
* `sshd_skip_defaults`
|
||||
|
||||
If set to True, don't apply default values. This means that you must have a
|
||||
complete set of configuration defaults via either the sshd dict, or sshd_Key
|
||||
variables. Defaults to *False*.
|
||||
|
||||
* sshd_manage_service
|
||||
* `sshd_manage_service`
|
||||
|
||||
If set to False, the service/daemon won't be touched at all, i.e. will not try
|
||||
to enable on boot or start or reload the service. Defaults to *True* unless
|
||||
running inside a docker container (it is assumed ansible is used during build
|
||||
phase).
|
||||
If set to False, the service/daemon won't be **managed** at all, i.e. will not
|
||||
try to enable on boot or start or reload the service. Defaults to *True*
|
||||
unless running inside a docker container (it is assumed ansible is used during
|
||||
build phase).
|
||||
|
||||
* sshd_allow_reload
|
||||
* `sshd_allow_reload`
|
||||
|
||||
If set to False, a reload of sshd wont happen on change. This can help with
|
||||
troubleshooting. You'll need to manually reload sshd if you want to apply the
|
||||
changed configuration. Defaults to the same value as ``sshd_manage_service``.
|
||||
|
||||
* `sshd_install_service`
|
||||
|
||||
If set to True, the role will install service files for the ssh service.
|
||||
Defaults to False.
|
||||
|
||||
The templates for the service files to be used are pointed to by the variables
|
||||
|
||||
- `sshd_service_template_service` (__default__: _templates/sshd.service.j2_)
|
||||
- `sshd_service_template_at_service` (__default__: _templates/sshd@.service.j2_)
|
||||
- `sshd_service_template_socket` (__default__: _templates/sshd.socket.j2_)
|
||||
|
||||
Using these variables, you can use your own custom templates. With the above
|
||||
default templates, the name of the installed ssh service will be provided by
|
||||
the `sshd_service` variable.
|
||||
|
||||
* sshd
|
||||
|
||||
A dict containing configuration. e.g.
|
||||
|
@ -74,7 +89,7 @@ sshd:
|
|||
- 0.0.0.0
|
||||
```
|
||||
|
||||
* ssh_...
|
||||
* `ssh_...`
|
||||
|
||||
Simple variables can be used rather than a dict. Simple values override dict
|
||||
values. e.g.:
|
||||
|
@ -99,14 +114,44 @@ ListenAddress 0.0.0.0
|
|||
ListenAddress ::
|
||||
```
|
||||
|
||||
* sshd_match
|
||||
* `sshd_match`
|
||||
|
||||
A list of dicts for a match section. See the example playbook.
|
||||
|
||||
* sshd_match_1 through sshd_match_9
|
||||
* `sshd_match_1` through `sshd_match_9`
|
||||
|
||||
A list of dicts or just a dict for a Match section.
|
||||
|
||||
### Secondary role variables
|
||||
|
||||
These variables are used by the role internals and can be used to override the
|
||||
defaults that correspond to each supported platform.
|
||||
|
||||
* `sshd_packages`
|
||||
|
||||
Use this variable to override the default list of packages to install.
|
||||
|
||||
* `sshd_config_owner`, `sshd_config_group`, `sshd_config_mode`
|
||||
|
||||
Use these variables to set the ownership and permissions for the openssh config
|
||||
file that this role produces.
|
||||
|
||||
* `sshd_config_file`
|
||||
|
||||
The path where the openssh configuration produced by this role should be saved.
|
||||
|
||||
* `sshd_binary`
|
||||
|
||||
The path to the openssh executable
|
||||
|
||||
* `sshd_service`
|
||||
|
||||
The name of the openssh service. By default, this variable contains the name of
|
||||
the ssh service that the target platform uses. But it can also be used to set
|
||||
the name of the custom ssh service when the `sshd_install_service` variable is
|
||||
used.
|
||||
|
||||
|
||||
Dependencies
|
||||
------------
|
||||
|
||||
|
|
|
@ -2,26 +2,41 @@
|
|||
### USER OPTIONS
|
||||
# Don't apply OS defaults when set to true
|
||||
sshd_skip_defaults: false
|
||||
|
||||
# If the below is false, don't manage the service or reload the SSH
|
||||
# daemon at all
|
||||
sshd_manage_service: true
|
||||
|
||||
# If the below is true, also install service files from the templates pointed
|
||||
# to by the `sshd_service_template_*` variables
|
||||
sshd_install_service: false
|
||||
sshd_service_template_service: sshd.service.j2
|
||||
sshd_service_template_at_service: sshd@.service.j2
|
||||
sshd_service_template_socket: sshd.socket.j2
|
||||
|
||||
# If the below is false, don't reload the ssh daemon on change
|
||||
sshd_allow_reload: true
|
||||
|
||||
# If the below is true, create a backup of the config file when the template is copied
|
||||
sshd_backup: false
|
||||
|
||||
# Empty dicts to avoid errors
|
||||
sshd: {}
|
||||
|
||||
### VARS DEFAULTS
|
||||
### The following are defaults for OS specific configuration in var files in
|
||||
### this role. They should not be set by role users.
|
||||
sshd_packages: []
|
||||
sshd_config_owner: root
|
||||
sshd_config_group: root
|
||||
sshd_config_mode: "0600"
|
||||
sshd_config_file: /etc/ssh/sshd_config
|
||||
sshd_binary: /usr/sbin/sshd
|
||||
sshd_service: sshd
|
||||
sshd_sftp_server: /usr/lib/openssh/sftp-server
|
||||
sshd_defaults: {}
|
||||
sshd_os_supported: no
|
||||
### this role. They should not be set directly by role users. If you really
|
||||
### need to override them, use the corresponding, unprefixed variables (eg
|
||||
### `sshd_packages` to override __sshd_packages).
|
||||
__sshd_packages: []
|
||||
__sshd_config_owner: root
|
||||
__sshd_config_group: root
|
||||
__sshd_config_mode: "0600"
|
||||
__sshd_config_file: /etc/ssh/sshd_config
|
||||
__sshd_binary: /usr/sbin/sshd
|
||||
__sshd_service: sshd
|
||||
|
||||
### These variables are used by role internals and should not be used.
|
||||
__sshd_sftp_server: /usr/lib/openssh/sftp-server
|
||||
__sshd_defaults: {}
|
||||
__sshd_os_supported: no
|
||||
|
|
|
@ -21,8 +21,8 @@
|
|||
{% set value = override %}
|
||||
{% elif sshd[key] is defined %}
|
||||
{% set value = sshd[key] %}
|
||||
{% elif sshd_defaults[key] is defined and sshd_skip_defaults != true %}
|
||||
{% set value = sshd_defaults[key] %}
|
||||
{% elif __sshd_defaults[key] is defined and sshd_skip_defaults != true %}
|
||||
{% set value = __sshd_defaults[key] %}
|
||||
{% endif %}
|
||||
{{ render_option(key,value) -}}
|
||||
{% endmacro %}
|
||||
|
|
48
tasks/install.yml
Normal file
48
tasks/install.yml
Normal file
|
@ -0,0 +1,48 @@
|
|||
---
|
||||
|
||||
- name: OS is supported
|
||||
assert:
|
||||
that: __sshd_os_supported == True
|
||||
|
||||
- name: Install ssh packages
|
||||
package:
|
||||
name: "{{ item }}"
|
||||
state: present
|
||||
with_items: "{{ sshd_packages }}"
|
||||
|
||||
- name: Configuration
|
||||
template:
|
||||
src: sshd_config.j2
|
||||
dest: "{{ sshd_config_file }}"
|
||||
owner: "{{ sshd_config_owner }}"
|
||||
group: "{{ sshd_config_group }}"
|
||||
mode: "{{ sshd_config_mode }}"
|
||||
validate: "{{ sshd_binary }} -t -f %s"
|
||||
notify: reload_sshd
|
||||
|
||||
- name: Install systemd service files
|
||||
block:
|
||||
- template:
|
||||
src: "{{ sshd_service_template_service }}"
|
||||
dest: "/etc/systemd/system/{{ sshd_service }}.service"
|
||||
notify: reload_sshd
|
||||
- template:
|
||||
src: "{{ sshd_service_template_at_service }}"
|
||||
dest: "/etc/systemd/system/{{ sshd_service }}@.service"
|
||||
notify: reload_sshd
|
||||
- template:
|
||||
src: "{{ sshd_service_template_socket }}"
|
||||
dest: "/etc/systemd/system/{{ sshd_service }}.socket"
|
||||
notify: reload_sshd
|
||||
when: sshd_install_service
|
||||
|
||||
- name: Service enabled and running
|
||||
service:
|
||||
name: "{{ sshd_service }}"
|
||||
enabled: true
|
||||
state: started
|
||||
when: "sshd_manage_service and ansible_virtualization_type|default(None) != 'docker'"
|
||||
|
||||
- name: Register that this role has run
|
||||
set_fact: sshd_has_run=true
|
||||
when: sshd_has_run is not defined
|
|
@ -1,41 +1,5 @@
|
|||
---
|
||||
- name: Set OS dependent variables
|
||||
include_vars: "{{ item }}"
|
||||
with_first_found:
|
||||
- "{{ ansible_distribution }}_{{ ansible_distribution_major_version }}.yml"
|
||||
- "{{ ansible_distribution }}.yml"
|
||||
- "{{ ansible_os_family }}_{{ ansible_distribution_major_version }}.yml"
|
||||
- "{{ ansible_os_family }}.yml"
|
||||
- default.yml
|
||||
|
||||
- name: OS is supported
|
||||
assert:
|
||||
that: sshd_os_supported == True
|
||||
- include_tasks: variables.yml
|
||||
|
||||
- name: Install ssh packages
|
||||
package:
|
||||
name: "{{ item }}"
|
||||
state: present
|
||||
with_items: "{{ sshd_packages }}"
|
||||
|
||||
- name: Configuration
|
||||
template:
|
||||
src: sshd_config.j2
|
||||
dest: "{{ sshd_config_file }}"
|
||||
owner: "{{ sshd_config_owner }}"
|
||||
group: "{{ sshd_config_group }}"
|
||||
mode: "{{ sshd_config_mode }}"
|
||||
backup: "{{ sshd_backup }}"
|
||||
validate: "{{ sshd_binary }} -t -f %s"
|
||||
notify: reload_sshd
|
||||
|
||||
- name: Service enabled and running
|
||||
service:
|
||||
name: "{{ sshd_service }}"
|
||||
enabled: true
|
||||
state: started
|
||||
when: "sshd_manage_service and ansible_virtualization_type|default(None) != 'docker'"
|
||||
|
||||
- name: Register that this role has run
|
||||
set_fact: sshd_has_run=true
|
||||
when: sshd_has_run is not defined
|
||||
- include_tasks: install.yml
|
||||
|
|
37
tasks/variables.yml
Normal file
37
tasks/variables.yml
Normal file
|
@ -0,0 +1,37 @@
|
|||
---
|
||||
|
||||
- name: Set OS dependent variables
|
||||
include_vars: "{{ item }}"
|
||||
with_first_found:
|
||||
- "{{ ansible_distribution }}_{{ ansible_distribution_major_version }}.yml"
|
||||
- "{{ ansible_distribution }}.yml"
|
||||
- "{{ ansible_os_family }}_{{ ansible_distribution_major_version }}.yml"
|
||||
- "{{ ansible_os_family }}.yml"
|
||||
- default.yml
|
||||
|
||||
- name: Override OS defaults
|
||||
block:
|
||||
- set_fact:
|
||||
sshd_packages: "{{ __sshd_packages }}"
|
||||
when: sshd_packages is not defined
|
||||
- set_fact:
|
||||
sshd_config_owner: "{{ __sshd_config_owner }}"
|
||||
when: sshd_config_owner is not defined
|
||||
- set_fact:
|
||||
sshd_config_group: "{{ __sshd_config_group }}"
|
||||
when: sshd_config_group is not defined
|
||||
- set_fact:
|
||||
sshd_config_mode: "{{ __sshd_config_mode }}"
|
||||
when: sshd_config_mode is not defined
|
||||
- set_fact:
|
||||
sshd_config_file: "{{ __sshd_config_file }}"
|
||||
when: sshd_config_file is not defined
|
||||
- set_fact:
|
||||
sshd_binary: "{{ __sshd_binary }}"
|
||||
when: sshd_binary is not defined
|
||||
- set_fact:
|
||||
sshd_service: "{{ __sshd_service }}"
|
||||
when: sshd_service is not defined
|
||||
- set_fact:
|
||||
sshd_sftp_server: "{{ __sshd_sftp_server }}"
|
||||
when: sshd_sftp_server is not defined
|
17
templates/sshd.service.j2
Normal file
17
templates/sshd.service.j2
Normal file
|
@ -0,0 +1,17 @@
|
|||
[Unit]
|
||||
Description=OpenBSD Secure Shell server
|
||||
|
||||
[Service]
|
||||
ExecStartPre={{ sshd_binary }} -t
|
||||
ExecStart={{ sshd_binary }} -D -f {{ sshd_config_file }}
|
||||
ExecReload={{ sshd_binary }} -t
|
||||
ExecReload=/bin/kill -HUP $MAINPID
|
||||
KillMode=process
|
||||
Restart=on-failure
|
||||
RestartPreventExitStatus=255
|
||||
Type=notify
|
||||
RuntimeDirectory={{ sshd_binary }}
|
||||
RuntimeDirectoryMode=0755
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
11
templates/sshd.socket.j2
Normal file
11
templates/sshd.socket.j2
Normal file
|
@ -0,0 +1,11 @@
|
|||
[Unit]
|
||||
Description=OpenBSD Secure Shell server socket
|
||||
Before={{ sshd_service }}.service
|
||||
Conflicts={{sshd_service }}.service
|
||||
|
||||
[Socket]
|
||||
ListenStream=22
|
||||
Accept=yes
|
||||
|
||||
[Install]
|
||||
WantedBy=sockets.target
|
9
templates/sshd@.service.j2
Normal file
9
templates/sshd@.service.j2
Normal file
|
@ -0,0 +1,9 @@
|
|||
[Unit]
|
||||
Description=OpenBSD Secure Shell server per-connection daemon
|
||||
After=auditd.service
|
||||
|
||||
[Service]
|
||||
ExecStart=-{{ sshd_binary }} -i -f {{ sshd_config_file }}
|
||||
StandardInput=socket
|
||||
RuntimeDirectory={{ sshd_binary }}
|
||||
RuntimeDirectoryMode=0755
|
|
@ -21,8 +21,8 @@
|
|||
{% set value = override %}
|
||||
{% elif sshd[key] is defined %}
|
||||
{% set value = sshd[key] %}
|
||||
{% elif sshd_defaults[key] is defined and sshd_skip_defaults != true %}
|
||||
{% set value = sshd_defaults[key] %}
|
||||
{% elif __sshd_defaults[key] is defined and sshd_skip_defaults != true %}
|
||||
{% set value = __sshd_defaults[key] %}
|
||||
{% endif %}
|
||||
{{ render_option(key,value) -}}
|
||||
{% endmacro %}
|
||||
|
|
|
@ -1,10 +1,10 @@
|
|||
---
|
||||
sshd_config_mode: '0644'
|
||||
sshd_packages:
|
||||
__sshd_config_mode: '0644'
|
||||
__sshd_packages:
|
||||
- openssh
|
||||
- openssh-server
|
||||
sshd_sftp_server: /usr/libexec/openssh/sftp-server
|
||||
sshd_defaults:
|
||||
__sshd_sftp_server: /usr/libexec/openssh/sftp-server
|
||||
__sshd_defaults:
|
||||
SyslogFacility: AUTHPRIV
|
||||
PermitRootLogin: forced-commands-only
|
||||
AuthorizedKeysFile: .ssh/authorized_keys
|
||||
|
@ -20,4 +20,4 @@ sshd_defaults:
|
|||
- LC_IDENTIFICATION LC_ALL LANGUAGE
|
||||
- XMODIFIERS
|
||||
Subsystem: "sftp {{ sshd_sftp_server }}"
|
||||
sshd_os_supported: yes
|
||||
__sshd_os_supported: yes
|
||||
|
|
|
@ -1,11 +1,11 @@
|
|||
---
|
||||
sshd_packages:
|
||||
__sshd_packages:
|
||||
- openssh
|
||||
sshd_sftp_server: /usr/lib/ssh/sftp-server
|
||||
sshd_defaults:
|
||||
__sshd_sftp_server: /usr/lib/ssh/sftp-server
|
||||
__sshd_defaults:
|
||||
AuthorizedKeysFile: .ssh/authorized_keys
|
||||
ChallengeResponseAuthentication: no
|
||||
PrintMotd: no
|
||||
Subsystem: "sftp {{ sshd_sftp_server }}"
|
||||
UsePAM: yes
|
||||
sshd_os_supported: yes
|
||||
__sshd_os_supported: yes
|
||||
|
|
|
@ -1,13 +1,13 @@
|
|||
---
|
||||
# There is no package manager in CoreOS
|
||||
sshd_packages: []
|
||||
sshd_service: sshd
|
||||
sshd_sftp_server: internal-sftp
|
||||
sshd_defaults:
|
||||
__sshd_packages: []
|
||||
__sshd_service: sshd
|
||||
__sshd_sftp_server: internal-sftp
|
||||
__sshd_defaults:
|
||||
Subsystem: "sftp {{ sshd_sftp_server }}"
|
||||
ClientAliveInterval: 180
|
||||
UseDNS: no
|
||||
UsePAM: yes
|
||||
PrintLastLog: no
|
||||
PrintMotd: no
|
||||
sshd_os_supported: yes
|
||||
__sshd_os_supported: yes
|
||||
|
|
|
@ -1,9 +1,9 @@
|
|||
---
|
||||
sshd_service: ssh
|
||||
sshd_packages:
|
||||
__sshd_service: ssh
|
||||
__sshd_packages:
|
||||
- openssh-server
|
||||
sshd_config_mode: "0644"
|
||||
sshd_defaults:
|
||||
__sshd_config_mode: "0644"
|
||||
__sshd_defaults:
|
||||
Port: 22
|
||||
Protocol: 2
|
||||
HostKey:
|
||||
|
@ -33,4 +33,4 @@ sshd_defaults:
|
|||
AcceptEnv: LANG LC_*
|
||||
Subsystem: "sftp {{ sshd_sftp_server }}"
|
||||
UsePAM: yes
|
||||
sshd_os_supported: yes
|
||||
__sshd_os_supported: yes
|
||||
|
|
|
@ -1,10 +1,10 @@
|
|||
---
|
||||
sshd_service: ssh
|
||||
sshd_packages:
|
||||
__sshd_service: ssh
|
||||
__sshd_packages:
|
||||
- openssh-server
|
||||
- openssh-sftp-server
|
||||
sshd_config_mode: "0644"
|
||||
sshd_defaults:
|
||||
__sshd_config_mode: "0644"
|
||||
__sshd_defaults:
|
||||
Port: 22
|
||||
Protocol: 2
|
||||
HostKey:
|
||||
|
@ -35,4 +35,4 @@ sshd_defaults:
|
|||
AcceptEnv: LANG LC_*
|
||||
Subsystem: "sftp {{ sshd_sftp_server }}"
|
||||
UsePAM: yes
|
||||
sshd_os_supported: yes
|
||||
__sshd_os_supported: yes
|
||||
|
|
|
@ -1,10 +1,10 @@
|
|||
---
|
||||
sshd_service: ssh
|
||||
sshd_packages:
|
||||
__sshd_service: ssh
|
||||
__sshd_packages:
|
||||
- openssh-server
|
||||
- openssh-sftp-server
|
||||
sshd_config_mode: "0644"
|
||||
sshd_defaults:
|
||||
__sshd_config_mode: "0644"
|
||||
__sshd_defaults:
|
||||
Port: 22
|
||||
Protocol: 2
|
||||
HostKey:
|
||||
|
@ -31,4 +31,4 @@ sshd_defaults:
|
|||
AcceptEnv: LANG LC_*
|
||||
Subsystem: "sftp {{ sshd_sftp_server }}"
|
||||
UsePAM: yes
|
||||
sshd_os_supported: yes
|
||||
__sshd_os_supported: yes
|
||||
|
|
|
@ -1,9 +1,9 @@
|
|||
---
|
||||
sshd_packages:
|
||||
__sshd_packages:
|
||||
- openssh
|
||||
- openssh-server
|
||||
sshd_sftp_server: /usr/libexec/openssh/sftp-server
|
||||
sshd_defaults:
|
||||
__sshd_sftp_server: /usr/libexec/openssh/sftp-server
|
||||
__sshd_defaults:
|
||||
HostKey:
|
||||
- /etc/ssh/ssh_host_rsa_key
|
||||
- /etc/ssh/ssh_host_ecdsa_key
|
||||
|
@ -23,4 +23,4 @@ sshd_defaults:
|
|||
- LC_IDENTIFICATION LC_ALL LANGUAGE
|
||||
- XMODIFIERS
|
||||
Subsystem: "sftp {{ sshd_sftp_server }}"
|
||||
sshd_os_supported: yes
|
||||
__sshd_os_supported: yes
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
sshd_config_group: wheel
|
||||
sshd_config_mode: "0644"
|
||||
sshd_sftp_server: /usr/libexec/sftp-server
|
||||
sshd_os_supported: yes
|
||||
__sshd_config_group: wheel
|
||||
__sshd_config_mode: "0644"
|
||||
__sshd_sftp_server: /usr/libexec/sftp-server
|
||||
__sshd_os_supported: yes
|
||||
|
|
|
@ -1,9 +1,9 @@
|
|||
---
|
||||
sshd_config_group: wheel
|
||||
sshd_config_mode: "0600"
|
||||
sshd_sftp_server: /usr/libexec/sftp-server
|
||||
sshd_defaults:
|
||||
__sshd_config_group: wheel
|
||||
__sshd_config_mode: "0600"
|
||||
__sshd_sftp_server: /usr/libexec/sftp-server
|
||||
__sshd_defaults:
|
||||
AuthorizedKeysFile: .ssh/authorized_keys
|
||||
Subsystem: "sftp {{ sshd_sftp_server }}"
|
||||
sshd_os_supported: yes
|
||||
sshd_manage_var_run: no
|
||||
__sshd_os_supported: yes
|
||||
__sshd_manage_var_run: no
|
||||
|
|
|
@ -1,9 +1,9 @@
|
|||
---
|
||||
sshd_packages:
|
||||
__sshd_packages:
|
||||
- openssh
|
||||
- openssh-server
|
||||
sshd_sftp_server: /usr/libexec/openssh/sftp-server
|
||||
sshd_defaults:
|
||||
__sshd_sftp_server: /usr/libexec/openssh/sftp-server
|
||||
__sshd_defaults:
|
||||
Protocol: 2
|
||||
SyslogFacility: AUTHPRIV
|
||||
PasswordAuthentication: yes
|
||||
|
@ -18,4 +18,4 @@ sshd_defaults:
|
|||
- XMODIFIERS
|
||||
X11Forwarding: yes
|
||||
Subsystem: "sftp {{ sshd_sftp_server }}"
|
||||
sshd_os_supported: yes
|
||||
__sshd_os_supported: yes
|
||||
|
|
|
@ -1,9 +1,9 @@
|
|||
---
|
||||
sshd_packages:
|
||||
__sshd_packages:
|
||||
- openssh
|
||||
- openssh-server
|
||||
sshd_sftp_server: /usr/libexec/openssh/sftp-server
|
||||
sshd_defaults:
|
||||
__sshd_sftp_server: /usr/libexec/openssh/sftp-server
|
||||
__sshd_defaults:
|
||||
HostKey:
|
||||
- /etc/ssh/ssh_host_rsa_key
|
||||
- /etc/ssh/ssh_host_ecdsa_key
|
||||
|
@ -25,4 +25,4 @@ sshd_defaults:
|
|||
- LC_IDENTIFICATION LC_ALL LANGUAGE
|
||||
- XMODIFIERS
|
||||
Subsystem: "sftp {{ sshd_sftp_server }}"
|
||||
sshd_os_supported: yes
|
||||
__sshd_os_supported: yes
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
---
|
||||
sshd_packages:
|
||||
__sshd_packages:
|
||||
- openssh
|
||||
sshd_sftp_server: /usr/lib/ssh/sftp-server
|
||||
sshd_defaults:
|
||||
__sshd_sftp_server: /usr/lib/ssh/sftp-server
|
||||
__sshd_defaults:
|
||||
HostKey:
|
||||
- /etc/ssh/ssh_host_rsa_key
|
||||
- /etc/ssh/ssh_host_ecdsa_key
|
||||
|
@ -22,4 +22,4 @@ sshd_defaults:
|
|||
- LC_IDENTIFICATION LC_ALL LANGUAGE
|
||||
- XMODIFIERS
|
||||
Subsystem: "sftp {{ sshd_sftp_server }}"
|
||||
sshd_os_supported: yes
|
||||
__sshd_os_supported: yes
|
||||
|
|
|
@ -1,9 +1,9 @@
|
|||
---
|
||||
sshd_service: ssh
|
||||
sshd_packages:
|
||||
__sshd_service: ssh
|
||||
__sshd_packages:
|
||||
- openssh-server
|
||||
sshd_config_mode: "0644"
|
||||
sshd_defaults:
|
||||
__sshd_config_mode: "0644"
|
||||
__sshd_defaults:
|
||||
Port: 22
|
||||
Protocol: 2
|
||||
HostKey:
|
||||
|
@ -33,4 +33,4 @@ sshd_defaults:
|
|||
AcceptEnv: LANG LC_*
|
||||
Subsystem: "sftp {{ sshd_sftp_server }}"
|
||||
UsePAM: yes
|
||||
sshd_os_supported: yes
|
||||
__sshd_os_supported: yes
|
||||
|
|
|
@ -1,10 +1,10 @@
|
|||
---
|
||||
sshd_service: ssh
|
||||
sshd_packages:
|
||||
__sshd_service: ssh
|
||||
__sshd_packages:
|
||||
- openssh-server
|
||||
- openssh-sftp-server
|
||||
sshd_config_mode: "0644"
|
||||
sshd_defaults:
|
||||
__sshd_config_mode: "0644"
|
||||
__sshd_defaults:
|
||||
Port: 22
|
||||
Protocol: 2
|
||||
HostKey:
|
||||
|
@ -35,4 +35,4 @@ sshd_defaults:
|
|||
AcceptEnv: LANG LC_*
|
||||
Subsystem: "sftp {{ sshd_sftp_server }}"
|
||||
UsePAM: yes
|
||||
sshd_os_supported: yes
|
||||
__sshd_os_supported: yes
|
||||
|
|
|
@ -1,10 +1,10 @@
|
|||
---
|
||||
sshd_service: ssh
|
||||
sshd_packages:
|
||||
__sshd_service: ssh
|
||||
__sshd_packages:
|
||||
- openssh-server
|
||||
- openssh-sftp-server
|
||||
sshd_config_mode: "0644"
|
||||
sshd_defaults:
|
||||
__sshd_config_mode: "0644"
|
||||
__sshd_defaults:
|
||||
Port: 22
|
||||
Protocol: 2
|
||||
HostKey:
|
||||
|
@ -37,4 +37,4 @@ sshd_defaults:
|
|||
Subsystem: "sftp {{ sshd_sftp_server }}"
|
||||
UsePAM: yes
|
||||
UseDNS: no
|
||||
sshd_os_supported: yes
|
||||
__sshd_os_supported: yes
|
||||
|
|
|
@ -1,10 +1,10 @@
|
|||
---
|
||||
sshd_service: ssh
|
||||
sshd_packages:
|
||||
__sshd_service: ssh
|
||||
__sshd_packages:
|
||||
- openssh-server
|
||||
- openssh-sftp-server
|
||||
sshd_config_mode: "0644"
|
||||
sshd_defaults:
|
||||
__sshd_config_mode: "0644"
|
||||
__sshd_defaults:
|
||||
Port: 22
|
||||
Protocol: 2
|
||||
HostKey:
|
||||
|
@ -37,4 +37,4 @@ sshd_defaults:
|
|||
Subsystem: "sftp {{ sshd_sftp_server }}"
|
||||
UsePAM: yes
|
||||
UseDNS: no
|
||||
sshd_os_supported: yes
|
||||
__sshd_os_supported: yes
|
||||
|
|
Loading…
Reference in a new issue