This role provides a jailed sshd server. Nothing more.
All incoming ssh connections are redirected to this jail and, if the user is allowed to log in, forwarded on to the host's internal ssh server (this needs a proxy command to be set up; see the Vagrantfile within this project for an example).
This role is intended to be used with a fresh FreeBSD 11.2 installation. There is a Vagrant Box with providers for VirtualBox and EC2 you may use.
The public key used for user authentication. It will be added to the authorized_keys file of the user (host/jail). Defaults to Vagrant's insecure public key.
Set to yes if this jail is used as jump host for the host system. Default: no.
The port the sshd server should listen on. Default: 22.
The user name used to connect via ssh. Default: 'vagrant'.
The group id the ssh user should belong to. Default: 1001.
The ssh user's home directory. Default: /home/{{ sshd_user }}.
The default shell for the ssh user. Default: /bin/sh.
The id for the ssh user. Default: 1001.
- hosts: all
  become: true
  tasks:
    - import_role:
        name: 'JoergFiedler.freebsd-jail-host'
    - include_role:
        name: 'JoergFiedler.freebsd-jailed-sshd'
      vars:
        jail_net_ip: '10.1.0.10'
        jail_name: 'sshd'
        sshd_jump_host: true
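A client-side ssh configuration for the jump-host setup above, using the proxy command the description mentions. This is an added example, not taken from this project's Vagrantfile; the host aliases, the public address 203.0.113.10, the internal address 10.1.0.1 and the key path are assumed placeholders.

```sshconfig
# Constructed client-side example; aliases and addresses are placeholders.

# The jailed sshd that receives all incoming connections.
Host jail-sshd
    # Placeholder: public address of the FreeBSD machine
    HostName 203.0.113.10
    # Role defaults for port and user
    Port 22
    User vagrant
    # Placeholder: private half of the public key given to the role
    IdentityFile ~/.ssh/id_ed25519
    IdentitiesOnly yes
    # Keep the agent out of the jail; the key stays on the client
    ForwardAgent no

# The host system's own sshd, reached only through the jail.
Host freebsd-host
    # Placeholder: internal address the host's sshd listens on
    HostName 10.1.0.1
    User vagrant
    IdentityFile ~/.ssh/id_ed25519
    IdentitiesOnly yes
    ForwardAgent no
    # stdio forwarding through the jail; authentication to the host
    # still happens end to end from the client
    ProxyCommand ssh -W %h:%p jail-sshd
```

With this in ~/.ssh/config, `ssh freebsd-host` opens a session on the host system by way of the jail, and no private key or agent socket is ever exposed inside the jail.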
BSD
If you have any ideas to improve this project, please open an issue on GitHub. Thanks.