mirror of
https://github.com/de-it-krachten/ansible-role-openssh
synced 2026-05-14 11:51:51 +00:00
No description
- Jinja 100%
4f0a09b78c
# [1.10.0](https://github.com/de-it-krachten/ansible-role-openssh/compare/v1.9.0...v1.10.0) (2026-03-15) ### Features * Added support for Fedora 43 ([ |
||
|---|---|---|
| .github/workflows | ||
| defaults | ||
| handlers | ||
| meta | ||
| molecule/default | ||
| tasks | ||
| .ansible-lint | ||
| .cicd | ||
| .cicd.overwrite | ||
| .collections | ||
| .gitignore | ||
| .releaserc.yml | ||
| .roles | ||
| .yamllint | ||
| CHANGELOG.md | ||
| README.md | ||
ansible-role-openssh
Installs & manages OpenSSH
Dependencies
Roles
None
Collections
- community.general
Platforms
Supported platforms
- Red Hat Enterprise Linux 81
- Red Hat Enterprise Linux 91
- Red Hat Enterprise Linux 101
- RockyLinux 8
- RockyLinux 9
- RockyLinux 10
- OracleLinux 8
- OracleLinux 9
- OracleLinux 10
- AlmaLinux 8
- AlmaLinux 9
- AlmaLinux 10
- Debian 11 (Bullseye)
- Debian 12 (Bookworm)
- Debian 13 (Trixie)
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
- Fedora 42
- Fedora 43
Note: 1 : no automated testing is performed on these platforms
Role Variables
defaults/main.yml
# OpenSSH service
openssh_service: sshd
# Default OpensSH port
openssh_port: 22
# SELinux type
openssh_setype: ssh_port_t
# dict of key/values to be configured
openssh_daemon_options:
- key: Port
value: "{{ openssh_port }}"
- key: Ciphers
value: 'aes128-ctr,aes192-ctr,aes256-ctr'
insertafter: "# Ciphers"
- key: KexAlgorithms
value: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256
insertafter: "# Ciphers"
- key: PermitRootLogin
value: 'no'
# Use predefined host keys
openssh_host_keys: []
# openssh_host_keys:
# - files/openssh/host1/ssh_host_dsa_key
# - files/openssh/host1/ssh_host_dsa_key.pub
# - files/openssh/host1/ssh_host_ecdsa_key
# - files/openssh/host1/ssh_host_ecdsa_key.pub
# - files/openssh/host1/ssh_host_ed25519_key
# - files/openssh/host1/ssh_host_ed25519_key.pub
# - files/openssh/host1/ssh_host_rsa_key
# - files/openssh/host1/ssh_host_rsa_key.pub
defaults/family-Debian.yml
# list of packages
openssh_packages:
- openssh-server
- openssh-client
# ssh-server config file
opensshd_config: /etc/ssh/sshd_config
defaults/family-RedHat.yml
# list of packages
openssh_packages:
- openssh
- openssh-server
- openssh-clients
# ssh-server config file
opensshd_config: /etc/ssh/sshd_config
defaults/family-Suse.yml
# list of packages
openssh_packages:
- openssh
- openssh-server
- openssh-clients
# ssh-server config file
opensshd_config: /etc/ssh/sshd_config
defaults/Ubuntu-24.yml
# OpenSSH service
openssh_service: ssh
Example Playbook
molecule/default/converge.yml
- name: sample playbook for role 'openssh'
hosts: all
become: 'yes'
vars:
molecule_driver: '{{ lookup(''env'', ''MOLECULE_DRIVER_NAME'') }}'
openssh_port: 2222
tasks:
- name: Include role 'openssh'
ansible.builtin.include_role:
name: openssh