add security setting

ansible/roles/security-settings/defaults/main.yml

@@ -0,0 +1,29 @@
+# Password aging settings
+os_auth_pw_max_age: 90
+os_auth_pw_min_age: 10
+os_auth_pw_warn_age: 7
+passhistory: 2
+
+# Inactivity and Failed attempts lockout settings
+fail_deny: 5
+fail_unlock: 0
+inactive_lock: 0
+shell_timeout: 300
+
+# tally settings
+onerr: 'fail'
+deny: 5
+unlock_time: 300
+
+# Password complexity settings
+pwquality_minlen: 9
+pwquality_maxrepeat: 3
+pwquality_lcredit: -1
+pwquality_ucredit: -1
+pwquality_dcredit: -1
+pwquality_ocredit: -1
+
+# SSH settings
+sshrootlogin: 'no'
+sshmainport: 22
+ssh_service_name: sshd