SSH hardening, based on https://www.sshaudit.com & more

Find a file

Sven Velt 9ff0979db4 Add 'ed25519-only' configuration		2021-10-19 09:39:54 +02:00
defaults	Another fix for SSH restart...	2021-10-12 09:52:29 +02:00
handlers	Fix variables for devuan SSH restart	2021-10-12 09:42:30 +02:00
meta	First snapshot	2021-10-11 22:58:09 +02:00
tasks	Force config with var "ssh_hardening_force"	2021-10-19 09:38:38 +02:00
templates	First snapshot	2021-10-11 22:58:09 +02:00
vars	special var file for ed25519-only	2021-10-12 22:44:45 +02:00
.gitignore	Initial commit	2021-10-11 20:37:03 +00:00
LICENSE	Initial commit	2021-10-11 20:37:03 +00:00
README.md	Add SSH versions in the wild	2021-10-12 10:12:58 +00:00
ssh-hardening.yml	First snapshot	2021-10-11 22:58:09 +02:00

ssh-hardening

SSH hardening, based on https://www.sshaudit.com & more

Requirements

- hosts: servers
  roles:
     - { role: ssh-hardening }

6.0: [_] Debian 7 "wheezy"
6.5: - (support for curve25519-sha256@libssh.org, ssh-ed25519, chacha20-poly1305@openssh.com)
6.6: Ubuntu 14.04 "trusty"
6.7: [_] Debian 8 "jessie"
7.0:
7.1:
7.2: Ubuntu 16.04 "xenial"
7.4: Debian 9 "stretch", RedHat 7 - (added curve25519-sha256)
7.6: Ubuntu 18.04 "bionic"
7.7:
7.8:
7.9: Debian 10 "buster"
8.0: RedHat 8
8.1: Suse 15.2
8.2: Ubuntu 20.04 "focal"
8.3:
8.4: Debian 11 "bullseye", Fedora 33, Suse 15.3
8.5:
8.6: Fedora 34
8.7: Fedora 35
8.8: Archlinux, Voidlinux

AGPL3.0-or-later