sshd_config.j2: add more variables.

group_vars/all/main.yml

@@ -928,6 +928,12 @@ sshd_host_keys:
   - /etc/ssh/ssh_host_ecdsa_key
   - /etc/ssh/ssh_host_ed25519_key
 
+sshd_max_startups: !!str "10:30:100"
+
+sshd_max_auth_tries: 3
+
+sshd_max_sessions: 10
+
 sshd_permit_root_login: !!str "no"
 
 sshd_authorized_keys_file: ".ssh/authorized_keys .ssh/authorized_keys2"

host_vars/file-mbr.mbr-bln.netz.yml

@@ -13,6 +13,8 @@ set_default_limit_nofile: true
 # vars used by roles/common/tasks/sshd.yml
 # ---
 
+sshd_max_auth_tries: 6
+
 sshd_permit_root_login: !!str "yes"
 
 sshd_password_authentication: !!str "yes"

roles/common/templates/etc/ssh/sshd_config.j2

@@ -54,17 +54,17 @@ HostKey {{ item }}
 # The default is 10.
 #MaxStartups 10:30:100
 #MaxStartups 3
-MaxStartups 10:30:100
+MaxStartups {{ sshd_max_startups }}
 
 # Specifies the maximum number of authentication attempts permitted per
 # connection.
 # The default is 6.
-MaxAuthTries 3
+MaxAuthTries {{ sshd_max_auth_tries }}
 
 # Specifies the maximum number of open sessions permitted per network
 # connection.
 # The default is 10.
-MaxSessions 10
+MaxSessions {{ sshd_max_sessions }}
 
 
 #-----------------------------