users and group are actually lists.

templates/sshd_config_Alpine.j2

@@ -72,9 +72,9 @@ AcceptEnv {{ item }}
 Subsystem {{ openssh_subsystem }}
 
 {% if openssh_allow_users is defined %}
-AllowUsers {{ openssh_allow_users }}
+AllowUsers {{ openssh_allow_users | join(' ') }}
 {% endif %}
 
 {% if openssh_allow_groups is defined %}
-AllowGroups {{ openssh_allow_groups }}
+AllowGroups {{ openssh_allow_groups | join(' ') }}
 {% endif %}

templates/sshd_config_Archlinux.j2

@@ -79,11 +79,10 @@ AcceptEnv {{ item }}
 Subsystem {{ openssh_subsystem }}
 
 {% if openssh_allow_users is defined %}
-AllowUsers {{ openssh_allow_users }}
+AllowUsers {{ openssh_allow_users | join(' ') }}
 {% endif %}
 
 {% if openssh_allow_groups is defined %}
-AllowGroups {{ openssh_allow_groups }}
-{% endif %}
+AllowGroups {{ openssh_allow_groups | join(' ') }}
 
 TrustedUserCAKeys {{ openssh_trusted_user_ca_keys }}

templates/sshd_config_Debian.j2

@@ -80,11 +80,11 @@ AcceptEnv {{ item }}
 Subsystem {{ openssh_subsystem }}
 
 {% if openssh_allow_users is defined %}
-AllowUsers {{ openssh_allow_users }}
+AllowUsers {{ openssh_allow_users | join(' ') }}
 {% endif %}
 
 {% if openssh_allow_groups is defined %}
-AllowGroups {{ openssh_allow_groups }}
+AllowGroups {{ openssh_allow_groups | join(' ') }}
 {% endif %}
 
 TrustedUserCAKeys {{ openssh_trusted_user_ca_keys }}

templates/sshd_config_Fedora.j2

@@ -81,11 +81,11 @@ AcceptEnv {{ item }}
 Subsystem {{ openssh_subsystem }}
 
 {% if openssh_allow_users is defined %}
-AllowUsers {{ openssh_allow_users }}
+AllowUsers {{ openssh_allow_users | join(' ') }}
 {% endif %}
 
 {% if openssh_allow_groups is defined %}
-AllowGroups {{ openssh_allow_groups }}
+AllowGroups {{ openssh_allow_groups | join(' ' ) }}
 {% endif %}
 
 TrustedUserCAKeys {{ openssh_trusted_user_ca_keys }}

templates/sshd_config_RedHat-7.j2

@@ -82,11 +82,11 @@ AcceptEnv {{ item }}
 Subsystem {{ openssh_subsystem }}
 
 {% if openssh_allow_users is defined %}
-AllowUsers {{ openssh_allow_users }}
+AllowUsers {{ openssh_allow_users | join(' ') }}
 {% endif %}
 
 {% if openssh_allow_groups is defined %}
-AllowGroups {{ openssh_allow_groups }}
+AllowGroups {{ openssh_allow_groups | join(' ') }}
 {% endif %}
 
 TrustedUserCAKeys {{ openssh_trusted_user_ca_keys }}

templates/sshd_config_RedHat.j2

@@ -148,11 +148,11 @@ Subsystem {{ openssh_subsystem }}
 #	ForceCommand cvs server
 
 {% if openssh_allow_users is defined %}
-AllowUsers {{ openssh_allow_users }}
+AllowUsers {{ openssh_allow_users | join(' ') }}
 {% endif %}
 
 {% if openssh_allow_groups is defined %}
-AllowGroups {{ openssh_allow_groups }}
+AllowGroups {{ openssh_allow_groups | join(' ') }}
 {% endif %}
 
 TrustedUserCAKeys {{ openssh_trusted_user_ca_keys }}

templates/sshd_config_Suse.j2

@@ -80,11 +80,11 @@ AcceptEnv {{ item }}
 Subsystem {{ openssh_subsystem }}
 
 {% if openssh_allow_users is defined %}
-AllowUsers {{ openssh_allow_users }}
+AllowUsers {{ openssh_allow_users | join(' ') }}
 {% endif %}
 
 {% if openssh_allow_groups is defined %}
-AllowGroups {{ openssh_allow_groups }}
+AllowGroups {{ openssh_allow_groups | join(' ') }}
 {% endif %}
 
 TrustedUserCAKeys {{ openssh_trusted_user_ca_keys }}

vars/main.yml

@@ -9,13 +9,10 @@ _openssh_packages:
 
 openssh_packages: "{{ _openssh_packages[ansible_os_family] | default(_openssh_packages['default']) }}"
 
-_openssh_key_types:
-  default:
-    - rsa
-    - ecdsa
-    - ed25519
-
-openssh_key_types: "{{ _openssh_key_types[ansible_distribution ~ '-' ~ ansible_distribution_major_version] | default(_openssh_key_types['default'] ) }}"
+openssh_key_types:
+  - rsa
+  - ecdsa
+  - ed25519
 
 openssh_run_directory: /run/sshd
 
@@ -26,7 +23,6 @@ _openssh_service:
   Debian-bullseye: ssh
   Ubuntu-19: ssh
   Ubuntu-20: ssh
-  Kali-kali-rolling: ssh
 
 openssh_service: "{{ _openssh_service[ansible_distribution ~ '-' ~ ansible_distribution_release] | default(_openssh_service['default'] ) }}"