{"id":7397,"status":"changed","playbook":{"id":107,"items":{"plays":1,"tasks":1,"results":4,"hosts":4,"files":1,"records":0},"arguments":{"version":null,"verbosity":2,"become":false,"become_method":"sudo","become_user":null,"become_ask_pass":false,"become_password_file":null,"inventory":["/home/ssh-gateway/ansible/hosts-zimbra-staging"],"listhosts":false,"subset":null,"poll_interval":15,"seconds":0,"one_line":false,"tree":null,"private_key_file":"/home/ssh-gateway/.ssh/id_rsa","remote_user":"root","connection":"ssh","timeout":null,"ssh_common_args":null,"sftp_extra_args":null,"scp_extra_args":null,"ssh_extra_args":null,"ask_pass":false,"connection_password_file":null,"check":false,"diff":false,"extra_vars":"Not saved by ARA as configured by 'ignored_arguments'","vault_ids":[],"ask_vault_pass":false,"vault_password_files":[],"forks":30,"module_path":null,"basedir":null,"task_timeout":0,"module_args":"cat /etc/ssh/sshd_config","module_name":"shell","args":"all"},"labels":[{"id":1,"name":"remote_user:root"},{"id":2,"name":"check:False"}],"started":"2024-04-03T10:22:13.839716+01:00","ended":"2024-04-03T10:22:15.309186+01:00","duration":"00:00:01.469470","name":null,"ansible_version":"2.16.4","client_version":"1.7.1","python_version":"3.10.10","server_version":"1.7.2.dev2","status":"completed","path":"Ad-Hoc: shell: cat /etc/ssh/sshd_config","controller":"ssh-gw-4.layershift.com","user":"root"},"play":{"id":107,"items":{"tasks":1,"results":4},"started":"2024-04-03T10:22:13.954287+01:00","ended":"2024-04-03T10:22:15.057516+01:00","duration":"00:00:01.103229","name":"Ansible Ad-Hoc","status":"completed"},"task":{"id":179,"items":{"results":4},"path":"Ad-Hoc: shell: cat /etc/ssh/sshd_config","tags":[],"started":"2024-04-03T10:22:14.053618+01:00","ended":"2024-04-03T10:22:15.007341+01:00","duration":"00:00:00.953723","name":"shell","uuid":"001851d0-75dc-f9d7-38a1-000000000008","action":"shell","lineno":1,"handler":false,"status":"completed","warnings":[],"deprecations":[],"exceptions":[],"file":107},"host":{"id":4108,"name":"zm-mbox1-stage","changed":1,"failed":0,"ok":1,"skipped":0,"unreachable":0},"delegated_to":[],"content":{"changed":true,"cmd":"cat /etc/ssh/sshd_config","delta":"0:00:00.004007","end":"2024-04-03 10:22:14.661638","invocation":{"module_args":{"_raw_params":"cat /etc/ssh/sshd_config","_uses_shell":true,"argv":null,"chdir":null,"creates":null,"executable":null,"expand_argument_vars":true,"removes":null,"stdin":null,"stdin_add_newline":true,"strip_empty_ends":true}},"msg":"","rc":0,"start":"2024-04-03 10:22:14.657631","stderr":"","stderr_lines":[],"stdout":"#\t$OpenBSD: sshd_config,v 1.103 2018/04/09 20:41:22 tj Exp $\n\n# This is the sshd server system-wide configuration file.  See\n# sshd_config(5) for more information.\n\n# This sshd was compiled with PATH=/usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin\n\n# The strategy used for options in the default sshd_config shipped with\n# OpenSSH is to specify options with their default value where\n# possible, but leave them commented.  Uncommented options override the\n# default value.\n\n# If you want to change the port on a SELinux system, you have to tell\n# SELinux about this change.\n# semanage port -a -t ssh_port_t -p tcp #PORTNUMBER\n#\n#AddressFamily any\n#ListenAddress 0.0.0.0\n#ListenAddress ::\n\nHostKey /etc/ssh/ssh_host_rsa_key\nHostKey /etc/ssh/ssh_host_ecdsa_key\nHostKey /etc/ssh/ssh_host_ed25519_key\n\n# Ciphers and keying\n#RekeyLimit default none\n\n# This system is following system-wide crypto policy. The changes to\n# crypto properties (Ciphers, MACs, ...) will not have any effect here.\n# They will be overridden by command-line options passed to the server\n# on command line.\n# Please, check manual pages for update-crypto-policies(8) and sshd_config(5).\n\n# Logging\n#SyslogFacility AUTH\nSyslogFacility AUTHPRIV\n#LogLevel INFO\n\n# Authentication:\n\n#LoginGraceTime 2m\nPermitRootLogin yes\n#StrictModes yes\n#MaxAuthTries 6\n#MaxSessions 10\n\n#PubkeyAuthentication yes\n\n# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2\n# but this is overridden so installations will only check .ssh/authorized_keys\nAuthorizedKeysFile .ssh/authorized_keys\n\n#AuthorizedPrincipalsFile none\n\n#AuthorizedKeysCommand none\n#AuthorizedKeysCommandUser nobody\n\n# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts\n#HostbasedAuthentication no\n# Change to yes if you don't trust ~/.ssh/known_hosts for\n# HostbasedAuthentication\n#IgnoreUserKnownHosts no\n# Don't read the user's ~/.rhosts and ~/.shosts files\n#IgnoreRhosts yes\n\n# To disable tunneled clear text passwords, change to no here!\n#PasswordAuthentication yes\n#PermitEmptyPasswords no\nPasswordAuthentication yes\n\n# Change to no to disable s/key passwords\n#ChallengeResponseAuthentication yes\nChallengeResponseAuthentication no\n\n# Kerberos options\n#KerberosAuthentication no\n#KerberosOrLocalPasswd yes\n#KerberosTicketCleanup yes\n#KerberosGetAFSToken no\n#KerberosUseKuserok yes\n\n# GSSAPI options\nGSSAPIAuthentication yes\nGSSAPICleanupCredentials no\n#GSSAPIStrictAcceptorCheck yes\n#GSSAPIKeyExchange no\n#GSSAPIEnablek5users no\n\n# Set this to 'yes' to enable PAM authentication, account processing,\n# and session processing. If this is enabled, PAM authentication will\n# be allowed through the ChallengeResponseAuthentication and\n# PasswordAuthentication.  Depending on your PAM configuration,\n# PAM authentication via ChallengeResponseAuthentication may bypass\n# If you just want the PAM account and session checks to run without\n# PAM authentication, then enable this but set PasswordAuthentication\n# and ChallengeResponseAuthentication to 'no'.\n# WARNING: 'UsePAM no' is not supported in RHEL and may cause several\n# problems.\nUsePAM yes\n\n#AllowAgentForwarding yes\n#AllowTcpForwarding yes\n#GatewayPorts no\nX11Forwarding yes\n#X11DisplayOffset 10\n#X11UseLocalhost yes\n#PermitTTY yes\n\n# It is recommended to use pam_motd in /etc/pam.d/sshd instead of PrintMotd,\n# as it is more configurable and versatile than the built-in version.\nPrintMotd no\n\n#PrintLastLog yes\n#TCPKeepAlive yes\n#PermitUserEnvironment no\n#Compression delayed\n#ClientAliveInterval 0\n#ClientAliveCountMax 3\n#UseDNS no\n#PidFile /var/run/sshd.pid\n#MaxStartups 10:30:100\n#PermitTunnel no\n#ChrootDirectory none\n#VersionAddendum none\n\n# no default banner path\n#Banner none\n\n# Accept locale-related environment variables\nAcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES\nAcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT\nAcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE\nAcceptEnv XMODIFIERS\n\n# override default of no subsystems\nSubsystem sftp\t/usr/libexec/openssh/sftp-server\n\n# Example of overriding settings on a per-user basis\n#Match User anoncvs\n#\tX11Forwarding no\n#\tAllowTcpForwarding no\n#\tPermitTTY no\n#\tForceCommand cvs server","stdout_lines":["#\t$OpenBSD: sshd_config,v 1.103 2018/04/09 20:41:22 tj Exp $","","# This is the sshd server system-wide configuration file.  See","# sshd_config(5) for more information.","","# This sshd was compiled with PATH=/usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin","","# The strategy used for options in the default sshd_config shipped with","# OpenSSH is to specify options with their default value where","# possible, but leave them commented.  Uncommented options override the","# default value.","","# If you want to change the port on a SELinux system, you have to tell","# SELinux about this change.","# semanage port -a -t ssh_port_t -p tcp #PORTNUMBER","#","#AddressFamily any","#ListenAddress 0.0.0.0","#ListenAddress ::","","HostKey /etc/ssh/ssh_host_rsa_key","HostKey /etc/ssh/ssh_host_ecdsa_key","HostKey /etc/ssh/ssh_host_ed25519_key","","# Ciphers and keying","#RekeyLimit default none","","# This system is following system-wide crypto policy. The changes to","# crypto properties (Ciphers, MACs, ...) will not have any effect here.","# They will be overridden by command-line options passed to the server","# on command line.","# Please, check manual pages for update-crypto-policies(8) and sshd_config(5).","","# Logging","#SyslogFacility AUTH","SyslogFacility AUTHPRIV","#LogLevel INFO","","# Authentication:","","#LoginGraceTime 2m","PermitRootLogin yes","#StrictModes yes","#MaxAuthTries 6","#MaxSessions 10","","#PubkeyAuthentication yes","","# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2","# but this is overridden so installations will only check .ssh/authorized_keys","AuthorizedKeysFile .ssh/authorized_keys","","#AuthorizedPrincipalsFile none","","#AuthorizedKeysCommand none","#AuthorizedKeysCommandUser nobody","","# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts","#HostbasedAuthentication no","# Change to yes if you don't trust ~/.ssh/known_hosts for","# HostbasedAuthentication","#IgnoreUserKnownHosts no","# Don't read the user's ~/.rhosts and ~/.shosts files","#IgnoreRhosts yes","","# To disable tunneled clear text passwords, change to no here!","#PasswordAuthentication yes","#PermitEmptyPasswords no","PasswordAuthentication yes","","# Change to no to disable s/key passwords","#ChallengeResponseAuthentication yes","ChallengeResponseAuthentication no","","# Kerberos options","#KerberosAuthentication no","#KerberosOrLocalPasswd yes","#KerberosTicketCleanup yes","#KerberosGetAFSToken no","#KerberosUseKuserok yes","","# GSSAPI options","GSSAPIAuthentication yes","GSSAPICleanupCredentials no","#GSSAPIStrictAcceptorCheck yes","#GSSAPIKeyExchange no","#GSSAPIEnablek5users no","","# Set this to 'yes' to enable PAM authentication, account processing,","# and session processing. If this is enabled, PAM authentication will","# be allowed through the ChallengeResponseAuthentication and","# PasswordAuthentication.  Depending on your PAM configuration,","# PAM authentication via ChallengeResponseAuthentication may bypass","# If you just want the PAM account and session checks to run without","# PAM authentication, then enable this but set PasswordAuthentication","# and ChallengeResponseAuthentication to 'no'.","# WARNING: 'UsePAM no' is not supported in RHEL and may cause several","# problems.","UsePAM yes","","#AllowAgentForwarding yes","#AllowTcpForwarding yes","#GatewayPorts no","X11Forwarding yes","#X11DisplayOffset 10","#X11UseLocalhost yes","#PermitTTY yes","","# It is recommended to use pam_motd in /etc/pam.d/sshd instead of PrintMotd,","# as it is more configurable and versatile than the built-in version.","PrintMotd no","","#PrintLastLog yes","#TCPKeepAlive yes","#PermitUserEnvironment no","#Compression delayed","#ClientAliveInterval 0","#ClientAliveCountMax 3","#UseDNS no","#PidFile /var/run/sshd.pid","#MaxStartups 10:30:100","#PermitTunnel no","#ChrootDirectory none","#VersionAddendum none","","# no default banner path","#Banner none","","# Accept locale-related environment variables","AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES","AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT","AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE","AcceptEnv XMODIFIERS","","# override default of no subsystems","Subsystem sftp\t/usr/libexec/openssh/sftp-server","","# Example of overriding settings on a per-user basis","#Match User anoncvs","#\tX11Forwarding no","#\tAllowTcpForwarding no","#\tPermitTTY no","#\tForceCommand cvs server"]},"created":"2024-04-03T10:22:14.773188+01:00","updated":"2024-04-03T10:22:14.773228+01:00","started":"2024-04-03T10:22:14.257320+01:00","ended":"2024-04-03T10:22:14.713622+01:00","duration":"00:00:00.456302","changed":true,"ignore_errors":false}