-
Notifications
You must be signed in to change notification settings - Fork 5
/
main.yml
90 lines (89 loc) · 2.23 KB
/
main.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
---
openssh_client_settings:
Host: "*"
Port: "22"
Protocol: "2,1"
AddressFamily: "any"
ForwardAgent: "no"
ForwardX11: "no"
ForwardX11Timeout: "300"
ForwardX11Trusted: "no"
RhostsRSAAuthentication: "no"
RSAAuthentication: "no"
PasswordAuthentication: "yes"
HostbasedAuthentication: "no"
GSSAPIAuthentication: "no"
GSSAPIDelegateCredentials: "no"
GSSAPIKeyExchange: "no"
GSSAPITrustDNS: "no"
BatchMode: "no"
CheckHostIP: "yes"
ConnectTimeout: "30"
StrictHostKeyChecking: "ask"
Cipher: "aes256-cbc"
MACs: "hmac-md5,hmac-sha1,[email protected],hmac-ripemd160"
EscapeChar: "~"
Tunnel: "no"
TunnelDevice: "any:any"
PermitLocalCommand: "no"
VisualHostKey: "no"
ChallengeResponseAuthentication: "yes"
Compression: "no"
CompressionLevel: "4"
ConnectionAttempts: "1"
ExitOnForwardFailure: "no"
GatewayPorts: "no"
UsePrivilegedPort: "no"
TCPKeepAlive: "no"
openssh_server_settings:
Port: "22"
AddressFamily: "any"
Protocol: "2"
UsePrivilegeSeparation: "yes"
KeyRegenerationInterval: "3600"
ServerKeyBits: "1024"
SyslogFacility: "AUTH"
LogLevel: "INFO"
LoginGraceTime: "120"
PermitRootLogin: "no"
StrictModes: "yes"
MaxAuthTries: "6"
MaxSessions: "10"
RSAAuthentication: "yes"
PubkeyAuthentication: "yes"
AuthorizedKeysFile: "%h/.ssh/authorized_keys"
IgnoreRhosts: "yes"
RhostsRSAAuthentication: "no"
HostbasedAuthentication: "no"
IgnoreUserKnownHosts: "no"
PermitEmptyPasswords: "no"
ChallengeResponseAuthentication: "no"
PasswordAuthentication: "no"
KerberosAuthentication: "no"
KerberosOrLocalPasswd: "yes"
KerberosTicketCleanup: "yes"
GSSAPIAuthentication: "no"
GSSAPICleanupCredentials: "yes"
X11Forwarding: "yes"
X11DisplayOffset: "10"
X11UseLocalhost: "yes"
PrintMotd: "no"
PrintLastLog: "yes"
TCPKeepAlive: "yes"
UseLogin: "no"
MaxStartups: "10:30:100"
Banner: "none"
AcceptEnv: "LANG LC_*"
Subsystem: "sftp /usr/lib/openssh/sftp-server"
UsePAM: "yes"
UseDNS: "no"
AllowAgentForwarding: "yes"
AllowTcpForwarding: "yes"
GatewayPorts: "no"
ClientAliveInterval: "1750"
ClientAliveCountMax: "0"
PermitUserEnvironment: "no"
Compression: "delayed"
PidFile: "/var/run/sshd.pid"
PermitTunnel: "no"
ChrootDirectory: "none"