From ce434c29d7a31e06f64521e32a137adaf75d8d7e Mon Sep 17 00:00:00 2001 From: Robert Kaussow Date: Mon, 19 Sep 2022 15:49:40 +0200 Subject: [PATCH] feat: add option for LoginGraceTime and MaxStartups --- defaults/main.yml | 2 ++ templates/etc/ssh/sshd_config.j2 | 4 ++-- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index 1b35963..629037b 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -42,6 +42,8 @@ sshd_max_auth_tries: 6 sshd_max_sessions: 10 sshd_tcp_keep_alive: "yes" sshd_use_dns: "no" +sshd_login_grace_time: 60 +sshd_max_startups: "10:30:60" sshd_crypto_policy_enabled: True diff --git a/templates/etc/ssh/sshd_config.j2 b/templates/etc/ssh/sshd_config.j2 index 3a8333b..5a2ffa1 100644 --- a/templates/etc/ssh/sshd_config.j2 +++ b/templates/etc/ssh/sshd_config.j2 @@ -50,7 +50,7 @@ LogLevel {{ sshd_log_level }} # Authentication: -#LoginGraceTime 2m +LoginGraceTime {{ sshd_login_grace_time }} PermitRootLogin {{ sshd_permit_root_login }} StrictModes {{ sshd_strict_modes }} {% if sshd_allow_groups %} @@ -136,7 +136,7 @@ ClientAliveInterval {{ sshd_client_alive_interval }} ClientAliveCountMax {{ sshd_client_alive_count_max }} UseDNS {{ sshd_use_dns }} #PidFile /var/run/sshd.pid -#MaxStartups 10:30:100 +MaxStartups {{ sshd_max_startups }} #PermitTunnel no #ChrootDirectory none #VersionAddendum none
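Review bot: The two new defaults in defaults/main.yml carry no comment, and both are stricter than the values shown in the previously commented-out template lines (`2m` and `10:30:100`). Hosts managed by this role will therefore get a 60-second grace period and a hard cap of 60 unauthenticated connections on the next run. The quotes around `"10:30:60"` are also load-bearing, because a YAML 1.1 parser reads the unquoted form as a base-60 integer. I would add `# seconds; 0 disables the limit` above `sshd_login_grace_time` and `# start:rate:full, keep quoted (unquoted parses as a sexagesimal int)` above `sshd_max_startups`.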
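Review bot: `LoginGraceTime {{ sshd_login_grace_time }}` is rendered with no check on the value. An override of `0` removes the authentication timeout entirely, and an empty or malformed value produces a line sshd will refuse to load. The same applies to `MaxStartups {{ sshd_max_startups }}` in the second hunk of this file. The task that deploys the template is not visible here; if it does not already do so, it should validate the rendered file, e.g. `validate: "/usr/sbin/sshd -t -f %s"`, and the role could assert that the grace time is a positive value. Without a timeout, unauthenticated connections keep holding MaxStartups slots, which is the condition these two options are meant to bound.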