Update to 2021-12-13 19:00

roles/ssh/defaults/main.yml

@@ -1,31 +1,35 @@
 ---
 
-# List of port sshd will bind to
-sshd_ports: [ '22' ]
+# List of port sshd will listen on
+sshd_ports:
+  - 22
+
+# Will restrict ssh access to the following IP/CIDR (only if iptables_manage == True)
+sshd_src_ip:
+  - 0.0.0.0/0
 
-# Will restrict ssh access to the following IP
-# 
-sshd_src_ip: []
 # sshd_src_ip:
 #  - 12.13.14.15
 #  - 192.168.17.0/24
 
-sshd_permit_root_login: no
-sshd_password_auth: yes
+# Allow the root user to login
+sshd_permit_root_login: False
+# Allow password authentication
+sshd_password_auth: True
 
 # Control the AllowUsers, DenyUsers, AllowGroups and DenyGroups
 # sshd_allow_users:
-#   - fws
-#   - dani
+#   - xavier
+#   - dani@EXAMPLE.ORG
 # sshd_deny_users:
 #   - dimitri
 #   - flo
 # sshd_allow_groups:
 #   - tech
-#   - support
+#   - support@EXAMPLE.ORG
 # sshd_deny_groups:
 #   - sales
-#   - interim
+#   - interim@EXAMPLE.ORG
 #
 #
 
@@ -52,7 +56,7 @@ sshd_password_auth: yes
 #        run_as: root
 #        nopasswd: False
 #
-#ssh_extra_users (can be used as ssh_users)
+#ssh_extra_users (can be used as ssh_users, both will be merged)
 #  
 #
 # Max number of conn / minute. 0 to disable rate limit