diff options
author | Stonewall Jackson <stonewall@sacredheartsc.com> | 2023-02-20 12:52:08 -0500 |
---|---|---|
committer | Stonewall Jackson <stonewall@sacredheartsc.com> | 2023-02-20 12:52:08 -0500 |
commit | 51554a734c481dad6bdc6515c5683a4a18f903b9 (patch) | |
tree | c8234fbc2be91dd09648329dfb76ad4666031e3f /roles/ssh/README.md | |
parent | 2b686cdb9e363c7c2747ca250ab9bfdc1354ed37 (diff) | |
download | selfhosted-51554a734c481dad6bdc6515c5683a4a18f903b9.tar.gz selfhosted-51554a734c481dad6bdc6515c5683a4a18f903b9.zip |
ssh: add docs
Diffstat (limited to 'roles/ssh/README.md')
-rw-r--r-- | roles/ssh/README.md | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/roles/ssh/README.md b/roles/ssh/README.md new file mode 100644 index 0000000..1975b0b --- /dev/null +++ b/roles/ssh/README.md @@ -0,0 +1,34 @@ +SSH +=== + +Description +----------- + +The `ssh` role configures SSH clients to use GSSAPI authentication for hosts +within the local FreeIPA domain. + + +Variables +--------- + +This role **accepts** the following variables: + +Variable | Default | Description +------------------------|----------------------------|------------ +`ssh_canonical_domains` | `['{{ ansible_domain }}']` | Host domains to canonicalize for Kerberos/GSSAPI + + +Usage +----- + +Example playbook: + +````yaml +- name: configure kerberized ssh + hosts: all + roles: + - role: ssh + vars: + ssh_canonical_domains: + - ipa.example.com +```` |