configurations-ansible/roles/hardening-basic/defaults/main.yml

22 lines
720 B
YAML
Raw Normal View History

---
# defaults file for hardening-basic
hardening_sshd_enabled: true
2022-11-21 12:56:57 +01:00
hardening_sshd_authorized_key_file: .ssh/authorized_keys
hardening_sshd_tcp_forward: false
2022-11-21 12:56:57 +01:00
hardening_sshd_legal_banner: false
hardening_sshd_permissions_set_sticky_bit: true
2022-11-21 15:02:03 +01:00
hardening_sysctl_vm_swappiness: 15
hardening_sysctl_disable_ipv6: false
2022-11-21 12:56:57 +01:00
hardening_modprobe_disable_list:
ipv6: [ipv6]
network_filesystems: [cifs,nfs,nfsv3,nfsv4,gfs2]
rare_filesystems: [cramfs,freevxfs,jffs2,hfs,hfsplus,squashfs,udf]
rare_protocols: [dccp,sctp,rds,tipc,n-hdlc,ax25,netrom,x25,rose,decnet,econet,af_802154,ipx,appletalk,psnap,p8023,p8022,can,atm]
vivid: [vivid]
hardening_journald_system_max_use: 250M
hardening_journald_system_max_file_size: 50M