This repository was archived by the owner on Dec 26, 2020. It is now read-only.
ansible-ssh-hardening 4.3.0
4.3.0 (2017-08-03)
Implemented enhancements:
- Fix ansible.cfg settings #122 (fazlearefin)
- Finish 94 #116 (rndmh3ro)
This new version introduces many new variables! See the following list for details:
| Name | Default Value | Description |
|---|---|---|
ssh_banner |
false |
true to print a banner on login |
ssh_client_hardening |
true |
false to stop harden the client |
ssh_client_port |
'22' |
Specifies the port number to connect on the remote host. |
ssh_compression |
false |
Specifies whether compression is enabled after the user has authenticated successfully. |
ssh_max_auth_retries |
2 |
Specifies the maximum number of authentication attempts permitted per connection. |
ssh_print_debian_banner |
false |
true to print debian specific banner |
ssh_server_enabled |
true |
false to disable the opensshd server |
ssh_server_hardening |
true |
false to stop harden the server |
ssh_server_match_group |
'' | Introduces a conditional block. If all of the criteria on the Match line are satisfied, the keywords on the following lines override those set in the global section of the config file, until either another Match line or the end of the file. |
ssh_server_match_user |
'' | Introduces a conditional block. If all of the criteria on the Match line are satisfied, the keywords on the following lines override those set in the global section of the config file, until either another Match line or the end of the file. |
ssh_server_permit_environment_vars |
false |
true to specify that ~/.ssh/environment and environment= options in ~/.ssh/authorized_keys are processed by sshd |
ssh_use_dns |
false |
Specifies whether sshd should look up the remote host name, and to check that the resolved host name for the remote IP address maps back to the very same IP address. |
Merged pull requests:
- Don't overwrite ssh_host_key_files if set manually #125 (oakey-b1)
- Add comment filter to {{ansible_managed}} string #121 (fazlearefin)