fabtools.ssh¶
OpenSSH tasks¶
This module provides tools to manage OpenSSH server and client.
- fabtools.ssh.harden(allow_root_login=False, allow_password_auth=False, sshd_config='/etc/ssh/sshd_config')[source]¶
Apply best practices for ssh security.
See fabtools.ssh.disable_password_auth() and fabtools.ssh.disable_root_login() for a detailed description.
import fabtools # This will apply all hardening techniques. fabtools.ssh.harden() # Only apply some of the techniques. fabtools.ssh.harden(allow_password_auth=True) # Override the sshd_config file location. fabtools.ssh.harden(sshd_config='/etc/sshd_config')
- fabtools.ssh.disable_password_auth(sshd_config='/etc/ssh/sshd_config')[source]¶
Do not allow users to use passwords to login via ssh.
- fabtools.ssh.enable_password_auth(sshd_config='/etc/ssh/sshd_config')[source]¶
Allow users to use passwords to login via ssh.