The sshd role manages your sshd configuration. It lets you manage the /etc/ssh/sshd_config file through host or group variables. You can use the default configuration settings, or replace the default variables with your own preferred sshd_config settings.
- opensshd_enabled
- opensshd_manage_service
- opensshd_allow_reload
- opensshd_manage_var_run
- opensshd_skip_defaults
- opensshd_defaults
- opensshd
- opensshd_<SSHD Directive>
The following variables should not be modified, as they are set for each OS.
- opensshd_packages
- opensshd_config_owner
- opensshd_config_group
- opensshd_config_mode
- opensshd_config_file
- opensshd_binary
- opensshd_service
- opensshd_sftp_server
- opensshd_defaults
- opensshd_os_supported
Users are encouraged to modify the role variables inside their group_vars folder.
- Installs sshd, if necessary.
- Modifies the SSHD configuration file.
- Restarts SSHD, if necessary.
- /etc/ssh/sshd_config
The OpenSSH Server program may be installed as a part of this role.
This role installs sshd and configures it using the following variables, in order of precedence from most specific to least specific:
- opensshd_<Directive>
- opensshd
- opensshd_defaults
vars/default.yml

opensshd_defaults:
  Port: 22

group_vars/somegroup

opensshd:
  Port: 222

host_vars/somehost.somegroup

opensshd_Port: 2222
Given the previously mentioned setup, the following are true:
- For any host that is not in the group somegroup, and not named somehost, the ssh service will be run on port 22.
- For any host that is part of the group somegroup, but not named somehost, the ssh service will be run on port 222.
- For the singular host named somehost, the ssh service will be run on port 2222.
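The precedence described above can be checked before a change is rolled out by computing the effective directives per host. The following is an added example that models the documented order; it is not the role's own code. The helper names, the extra host names and the inventory dictionary are constructed, and the behaviour of opensshd_skip_defaults is not modelled.

```python
# Added example: models the documented precedence, not the role's implementation.
# Role variables from the page's lists share the "opensshd_" prefix but are not
# sshd directives, so they must not be read as opensshd_<Directive> overrides.
CONTROL_VARS = {
    "opensshd_enabled", "opensshd_manage_service", "opensshd_allow_reload",
    "opensshd_manage_var_run", "opensshd_skip_defaults", "opensshd_defaults",
    "opensshd_packages", "opensshd_config_owner", "opensshd_config_group",
    "opensshd_config_mode", "opensshd_config_file", "opensshd_binary",
    "opensshd_service", "opensshd_sftp_server", "opensshd_os_supported",
}
PREFIX = "opensshd_"

def effective_directives(hostvars):
    """Merge the three layers, least specific first, so later layers win."""
    merged = dict(hostvars.get("opensshd_defaults", {}))   # least specific
    merged.update(hostvars.get("opensshd", {}))            # group/host dict
    for name, value in hostvars.items():                   # most specific
        if name.startswith(PREFIX) and name not in CONTROL_VARS:
            merged[name[len(PREFIX):]] = value
    return merged

# Constructed inventory mirroring the three files shown on the page.
INVENTORY = {
    "role_vars": {"opensshd_defaults": {"Port": 22}},
    "group_vars": {"somegroup": {"opensshd": {"Port": 222}}},
    "host_vars": {"somehost": {"opensshd_Port": 2222}},
}

def hostvars_for(host, groups, inventory=INVENTORY):
    """Simplified stand-in for Ansible's variable merge: host vars override
    same-named group vars, and role vars outrank inventory vars."""
    merged = {}
    for group in groups:
        merged.update(inventory["group_vars"].get(group, {}))
    merged.update(inventory["host_vars"].get(host, {}))
    merged.update(inventory["role_vars"])
    return merged

def effective_port(host, groups):
    return effective_directives(hostvars_for(host, groups))["Port"]

if __name__ == "__main__":
    # "otherhost" and "peer" are constructed host names.
    for host, groups in [("otherhost", []), ("peer", ["somegroup"]),
                         ("somehost", ["somegroup"])]:
        print(host, effective_port(host, groups))
```

Comparing the computed port against what each host is expected to listen on catches a stray host-level override before sshd is restarted with it.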