
vitalk / Ansible Secure Ssh

The ansible playbook to improve the security of your SSH

Projects that are alternatives of or similar to Ansible Secure Ssh

Jjg Ansible Windows
[DEPRECATED] Windows shell provisioning script to bootstrap Ansible from within a Vagrant VM.
Stars: ✭ 82 (+13.89%)
Mutual labels:  ansible, ssh
Streisand
Streisand sets up a new server running your choice of WireGuard, OpenConnect, OpenSSH, OpenVPN, Shadowsocks, sslh, Stunnel, or a Tor bridge. It also generates custom instructions for all of these services. At the end of the run you are given an HTML file with instructions that can be shared with friends, family members, and fellow activists.
Stars: ✭ 22,605 (+31295.83%)
Mutual labels:  ansible, ssh
Ansible Sshd
Ansible role to configure the OpenSSH server daemon
Stars: ✭ 163 (+126.39%)
Mutual labels:  ansible, ssh
Ansible Ssh Hardening
This Ansible role provides numerous security-related ssh configurations, providing all-round base protection.
Stars: ✭ 746 (+936.11%)
Mutual labels:  ansible, ssh
Ansible Role Security
Ansible Role - Security
Stars: ✭ 398 (+452.78%)
Mutual labels:  ansible, ssh
Opscloud
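Operations management platform (Alibaba Cloud): automatic synchronisation of Alibaba Cloud configuration, bastion host (container), batch operations, Kubernetes and Zabbix management, and more.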
Stars: ✭ 788 (+994.44%)
Mutual labels:  ansible, ssh
Module Security Public
The public documentation for the gruntwork-io/module-security repo, which contains packages for setting up best practices for managing secrets, credentials, and servers
Stars: ✭ 67 (-6.94%)
Mutual labels:  ssh
Rubel
Rubel is a cms built with Laravel and React.
Stars: ✭ 70 (-2.78%)
Mutual labels:  ansible
Web develop
Source code from the book "Python Web Development in Practice" (《Python Web开发实战》)
Stars: ✭ 1,146 (+1491.67%)
Mutual labels:  ansible
Ansible Netdata
An Ansible role to install/configure Netdata
Stars: ✭ 65 (-9.72%)
Mutual labels:  ansible
Poet
Lets you split your ssh_config into separate files
Stars: ✭ 72 (+0%)
Mutual labels:  ssh
Ara
ARA Records Ansible and makes it easier to understand and troubleshoot.
Stars: ✭ 1,176 (+1533.33%)
Mutual labels:  ansible
Cookiecutter Django Ansible
Powered by Cookiecutter, Cookiecutter Django Ansible is a framework for jumpstarting an ansible project for provisioning a server that is ready for your cookiecutter-django application.
Stars: ✭ 69 (-4.17%)
Mutual labels:  ansible
Ansible Provisioning Tywin
Generate your Ansible provisioning for Symfony2, Laravel and Node.js projects
Stars: ✭ 67 (-6.94%)
Mutual labels:  ansible
Showcase Ansible Chatops
Vagrant Demo showing ChatOps with Ansible
Stars: ✭ 71 (-1.39%)
Mutual labels:  ansible
Ansible Letsencrypt
Ansible role for LetsEncrypt
Stars: ✭ 66 (-8.33%)
Mutual labels:  ansible
Docker Centos7 Ansible
CentOS 7 Docker container for Ansible playbook and role testing.
Stars: ✭ 72 (+0%)
Mutual labels:  ansible
B1tifi
SSH management tool that provides command-line access to a remote system running an SSH server
Stars: ✭ 65 (-9.72%)
Mutual labels:  ssh
Ansible Prometheus
Ansible playbook for installing the Prometheus monitoring system and exporters such as node, snmp and blackbox, plus alert manager and push gateway
Stars: ✭ 69 (-4.17%)
Mutual labels:  ansible
Cisco ios
Ansible Network Cisco IOS Provider Role
Stars: ✭ 72 (+0%)
Mutual labels:  ansible

Secure SSH

This document describes some simple steps that improve the security of your SSH installation. The steps include:

  • Disable empty-password login. An empty password is a very bad idea.

  • Disable remote root login. The preferred way to gain root permissions is to use the su or sudo command.

  • Add your identity key to ~/.ssh/authorized_keys on the remote host for passwordless login.

  • Disable password login (done only if the previous step is successful).

  • Enable PAM.
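
To check that a host ended up in the state these steps describe, the sshd_config can be audited after the run. The script below is an added example, not part of the role; the expected values are assumptions inferred from the step list, and the sample config is constructed. It accounts for two ways a hardening run can silently fail: sshd keeps the first value it reads for a keyword, and a Match block can re-enable a setting for some users.

```python
# Added example, not part of the role; EXPECTED is inferred from the steps.
EXPECTED = {"permitemptypasswords": "no", "permitrootlogin": "no",
            "passwordauthentication": "no", "usepam": "yes"}

def parse(text):
    global_cfg, match_cfg, in_match = {}, [], False
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        # Keyword and value are separated by whitespace or a single "=".
        parts = line.replace("=", " ", 1).split(None, 1)
        if len(parts) < 2:
            continue
        key, value = parts[0].lower(), parts[1].strip().strip('"').lower()
        if key == "match":
            in_match = True  # everything after this line is conditional
        elif in_match:
            match_cfg.append((lineno, key, value))
        else:
            global_cfg.setdefault(key, value)  # sshd keeps the first value
    return global_cfg, match_cfg

def audit(text):
    """List deviations from EXPECTED; an empty list means the file matches."""
    global_cfg, match_cfg = parse(text)
    findings = []
    for key, want in EXPECTED.items():
        got = global_cfg.get(key)
        if got is None:
            findings.append(f"{key}: not set, compiled-in default applies")
        elif got != want:
            findings.append(f"{key}: effective value '{got}', expected '{want}'")
    for lineno, key, value in match_cfg:
        if key in EXPECTED and value != EXPECTED[key]:
            findings.append(f"{key}: Match block (line {lineno}) sets '{value}'")
    return findings

# Constructed sample: the later "no" does not undo the earlier "yes".
SAMPLE = """\
PermitRootLogin no
PasswordAuthentication yes
PasswordAuthentication no
PermitEmptyPasswords no
Match User backup
    PasswordAuthentication yes
"""

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)))
```

On a live host, `sshd -T` prints the configuration sshd actually uses after parsing and is the authoritative check.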

Role Variables

The desired behavior can be refined via variables.

| Option | Description |
|---|---|
| sshd | Name of the ssh daemon. Default is ssh. |
| sshd_config | Path to the ssh daemon config. Default is /etc/ssh/sshd_config. |
| ssh_identity_key | Path to your identity key. Added to ~/.ssh/authorized_keys on the remote host if both ssh_identity_key and ssh_user are defined. Default is undefined. |
| ssh_user | Username on the remote host whose authorized keys will be modified. Used only if ssh_identity_key is defined. Default is undefined. |

For example, you can override the default variables by passing them as parameters to the role, like so:

roles:
    - { role: ., ssh_user: vital, ssh_identity_key: /home/vital/.ssh/id_rsa.pub }

Or pass them on the command line:

ansible-playbook test.yml --extra-vars "sshd_config=/etc/sshd_config"

Example Playbook

The example below uses sudo to run the playbook on your localhost via a local connection.

# -b / --ask-become-pass replace the removed -s / --ask-sudo-pass flags
ansible-playbook test.yml \
    -i hosts.example \
    -c local \
    -b --ask-become-pass

# file: test.yml
- hosts: local
  roles:
    - { role: ., sshd: ssh, sshd_config: /etc/sshd_config }

License

Licensed under the MIT license.

Author Information

Created by Vital Kudzelka.

Don't hesitate to create a GitHub issue if you find any bugs or have suggestions.