Table of Contents
- Module Description - What the module does and why it is useful
- Setup - The basics of getting started with mozilla_ssh_hardening
- Usage - Configuration options and additional functionality
- Reference - An under-the-hood peek at what the module is doing and how
- Limitations - OS compatibility, etc.
- Development - Guide for contributing to the module
Configures OpenSSH with Mozilla hardening recomendations.
This is a module to use an existing
It's basically my standard way of configuring and hardening SSH servers for my requirements, and is part of the base profile I configure on all my machines.
- All the standard stuff you expect from an
sshdconfiguration, the config file, deamon, package and such
- Ciphers, MAC, Key exchanges are configured to be the Mozilla settings
This module requires the
The most basic configuration is simply:
There will be parameters to configure further settings as I do more research on SSH options.
Put the classes, types, and resources for customizing, configuring, and doing the fancy stuff with your module here.
Here, list the classes, types, providers, facts, etc contained in your module. This section should include all of the under-the-hood workings of your module so people know what the module is touching on their system but don't need to mess with things. (We are working on automating this section!)
Right now this is only extensively tested on the machines that I manage, which is mainly:
- Ubuntu 16.04
- CentOS 7
- CentOS 6
Other operating systems may work, if there are issues, pull-requests welcome!
Right now it's only setup to configure the server part of the setup, but I'm looking to extend it to support client in the future also.
If you'd like to other features or anything else, check out the contributing guidelines in CONTRIBUTING.md.