Diffstat (limited to 'README.md')
-rw-r--r-- | README.md | 17 |
1 files changed, 17 insertions, 0 deletions
@@ -38,10 +38,27 @@ This repository contains a collection of Ansible roles and playbooks designed to - Deploys necessary systemd services for SSH multiplexing. - Provides a SSH access method over HTTP/S. +### `roles/ssh-port-fwd-user/` - SSH port forwarding limited user +- Creates a restricted user intended solely for SSH port forwarding. +- Disables shell access (/bin/false) to prevent interactive logins. +- Allows only ssh -L, ssh -R, or ssh -D forwarding operations. +- Sets up .ssh/authorized_keys with optional key-based access. +- Configures sshd Match blocks to enforce restrictions for the user. +- Prevents execution of arbitrary commands or shell escapes. + ### `roles/tor/` - Tor installation and configuration - Installs and configures the Tor service. - Ensures Tor is routing traffic correctly. +### `roles/xrdp/` - Lightweight RDP access via xrdp +- Installs and configures the xrdp remote desktop server. +- Optionally binds RDP service to localhost only. +- Applies TCP optimizations in /etc/sysctl.conf for smooth RDP performance. +- Configures xrdp.ini with enhanced settings for single-user scenarios. +- Installs supporting packages (xorg, tigervnc-standalone-server, etc.). +- Disables root login over RDP. +- Installs custom Polkit rules to allow common user actions (e.g., color profile changes, reboot). + ## Usage - Clone this repository onto your control machine. |
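Review bot: In the `roles/ssh-port-fwd-user/` bullets, "Sets up .ssh/authorized_keys with optional key-based access" does not say how the user authenticates when no key is supplied; state whether password login is disabled for this account. The "Allows only ssh -L, ssh -R, or ssh -D forwarding operations" bullet should name the sshd directives the Match block sets (for example AllowTcpForwarding, PermitOpen, PermitListen, ForceCommand) and say whether forwarding destinations are restricted, because the /bin/false shell by itself does not limit where the user can forward to. In the `roles/xrdp/` bullets, document the default for "Optionally binds RDP service to localhost only" and how to change it, note that the /etc/sysctl.conf TCP changes apply system-wide, and list exactly which actions the custom Polkit rules permit, since reboot is among them.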