libretic/ansible-sshd
6
0
Fork 0
mirror of https://github.com/willshersystems/ansible-sshd synced 2024-11-06 03:43:30 +01:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #7 from brenix/develop

Browse source 
Minor typo fixes and add Archlinux support
This commit is contained in:
Matt Willsher 2015-01-04 12:45:19 +00:00
commit be8dfbdc07
6 changed files with 19 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
README.md
View file

@ -38,7 +38,7 @@ sshd_ListenAddress:
sshd_skip_defaults: true sshd_skip_defaults: true
sshd: sshd:
Compression: true Compression: true
ListenAddres: ListenAddress:
- "0.0.0.0" - "0.0.0.0"
- "::" - "::"
GSSAPIAuthentication: no GSSAPIAuthentication: no

2
templates/sshd_config.j2
View file

@ -69,11 +69,11 @@ Match {{ match["Condition"] }}
{% endif %} {% endif %}
{% endmacro %} {% endmacro %}
{{ body_option("Port",sshd_Port) -}} {{ body_option("Port",sshd_Port) -}}
{{ body_option("AddressFamily",sshd_AddressFamily) -}}
{{ body_option("ListenAddress",sshd_ListenAddress) -}} {{ body_option("ListenAddress",sshd_ListenAddress) -}}
{{ body_option("Protocol",sshd_Protocol) -}} {{ body_option("Protocol",sshd_Protocol) -}}
{{ body_option("HostKey",sshd_HostKey) -}} {{ body_option("HostKey",sshd_HostKey) -}}
{{ body_option("AcceptEnv",sshd_AcceptEnv) -}} {{ body_option("AcceptEnv",sshd_AcceptEnv) -}}
{{ body_option("AddressFamily",sshd_AddressFamily) -}}
{{ body_option("AllowAgentForwarding",sshd_AllowAgentForwarding) -}} {{ body_option("AllowAgentForwarding",sshd_AllowAgentForwarding) -}}
{{ body_option("AllowGroups",sshd_AllowGroups) -}} {{ body_option("AllowGroups",sshd_AllowGroups) -}}
{{ body_option("AllowTcpForwarding",sshd_AllowTcpForwarding) -}} {{ body_option("AllowTcpForwarding",sshd_AllowTcpForwarding) -}}

14
vars/Archlinux.yml Normal file
View file

@ -0,0 +1,14 @@
---
sshd_service: sshd
sshd_packages:
- openssh
sshd_sftp_server: /usr/lib/ssh/sftp-server
sshd_defaults:
Port: 22
Protocol: 2
AuthorizedKeysFile: .ssh/authorized_keys
ChallengeResponseAuthentication: no
PrintMotd: no
Subsystem: "sftp {{ sshd_sftp_server }}"
UsePAM: yes
UsePrivilegeSeparation: sandbox

2
vars/Debian.yml
View file

@ -13,7 +13,7 @@ sshd_defaults:
- /etc/ssh/ssh_host_rsa_key - /etc/ssh/ssh_host_rsa_key
- /etc/ssh/ssh_host_dsa_key - /etc/ssh/ssh_host_dsa_key
- /etc/ssh/ssh_host_ecdsa_key - /etc/ssh/ssh_host_ecdsa_key
UsePrivilegeSeperation: yes UsePrivilegeSeparation: yes
KeyRegenerationInterval: 3600 KeyRegenerationInterval: 3600
ServerKeyBits: 768 ServerKeyBits: 768
SyslogFacility: AUTH SyslogFacility: AUTH

2
vars/RedHat_7.yml
View file

@ -15,7 +15,7 @@ sshd_defaults:
GSSAPICleanupCredentials: yes GSSAPICleanupCredentials: yes
UsePAM: yes UsePAM: yes
X11Forwarding: yes X11Forwarding: yes
UsePrivilegeSeperation: sandbox UsePrivilegeSeparation: sandbox
AcceptEnv: AcceptEnv:
- LANG LC_TYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES - LANG LC_TYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
- LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT - LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT

2
vars/Ubuntu.yml
View file

@ -13,7 +13,7 @@ sshd_defaults:
- /etc/ssh/ssh_host_dsa_key - /etc/ssh/ssh_host_dsa_key
- /etc/ssh/ssh_host_ecdsa_key - /etc/ssh/ssh_host_ecdsa_key
- /etc/ssh/ssh_host_ed25519_key - /etc/ssh/ssh_host_ed25519_key
UsePrivilegeSeperation: yes UsePrivilegeSeparation: yes
KeyRegenerationInterval: 3600 KeyRegenerationInterval: 3600
ServerKeyBits: 1024 ServerKeyBits: 1024
SyslogFacility: AUTH SyslogFacility: AUTH