New in version 2.2.
Manage the SSHD settings of a BIG-IP
| parameter | required | default | choices | comments |
|---|---|---|---|---|
| allow | no |
| Specifies, if you have enabled SSH access, the IP address or address range for other systems that can use SSH to communicate with this system. |
|
| banner | no |
| Whether to enable the banner or not. |
|
| banner_text | no | Specifies the text to include on the pre-login banner that displays when a user attempts to login to the system using SSH. |
||
| inactivity_timeout | no | Specifies the number of seconds before inactivity causes an SSH session to log out. |
||
| log_level | no |
| Specifies the minimum SSHD message level to include in the system log. |
|
| login | no |
| Specifies, when checked enabled, that the system accepts SSH communications. |
|
| password | yes | The password for the user account used to connect to the BIG-IP. |
||
| port | no | Port that you want the SSH daemon to run on. |
||
| server | yes | The BIG-IP host. |
||
| server_port (added in 2.2)
| no | 443 | The BIG-IP server port. |
|
| user | yes | The username to connect to the BIG-IP with. This user must have administrative privileges on the device. |
||
| validate_certs (added in 2.0)
| no | True |
| If no, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates. |
- name: Set the banner for the SSHD service from a string
bigip_device_sshd:
banner: "enabled"
banner_text: "banner text goes here"
password: "secret"
server: "lb.mydomain.com"
user: "admin"
delegate_to: localhost
- name: Set the banner for the SSHD service from a file
bigip_device_sshd:
banner: "enabled"
banner_text: "{{ lookup('file', '/path/to/file') }}"
password: "secret"
server: "lb.mydomain.com"
user: "admin"
delegate_to: localhost
- name: Set the SSHD service to run on port 2222
bigip_device_sshd:
password: "secret"
port: 2222
server: "lb.mydomain.com"
user: "admin"
delegate_to: localhost
Common return values are documented here Common Return Values, the following are the fields unique to this module:
| name | description | returned | type | sample |
|---|---|---|---|---|
| log_level | The minimum SSHD message level to include in the system log. | changed | string | debug |
| allow | Specifies, if you have enabled SSH access, the IP address or address range for other systems that can use SSH to communicate with this system. | changed | string | 192.0.2.* |
| banner_text | Specifies the text included on the pre-login banner that displays when a user attempts to login to the system using SSH. | changed and success | string | This is a corporate device. Connecting to it without... |
| inactivity_timeout | The number of seconds before inactivity causes an SSH. session to log out | changed | int | 10 |
| login | Specifies that the system accepts SSH communications or not. | bool | True | |
| banner | Whether the banner is enabled or not. | changed | string | true |
| port | Port that you want the SSH daemon to run on. | int | 22 |
Note
Requires the f5-sdk Python package on the host This is as easy as pip install f5-sdk.
Note
Requires BIG-IP version 12.0.0 or greater
For more information on what this means please read Extras Modules
For help in developing on modules, should you be so inclined, please read Community Information & Contributing, developing_test_pr and Developing Modules.
© 2012–2016 Michael DeHaan
© 2016 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/bigip_device_sshd_module.html