From b705cd95dc0fa902b1845785bad0cbc3c8c9a10f Mon Sep 17 00:00:00 2001
From: dev-sec CI <hello@dev-sec.io>
Date: Mon, 24 Jun 2024 08:41:00 +0000
Subject: [PATCH] update ssh_hardening readme

---
 roles/ssh_hardening/README.md | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/roles/ssh_hardening/README.md b/roles/ssh_hardening/README.md
index 5a1042ba..34ac2469 100644
--- a/roles/ssh_hardening/README.md
+++ b/roles/ssh_hardening/README.md
@@ -46,7 +46,6 @@ For more information, see [this issue](https://github.com/dev-sec/ansible-collec
 <!-- BEGIN_ANSIBLE_DOCS -->
 
 ## Supported Operating Systems
-
 - EL
   - 8, 9
 - Ubuntu
@@ -215,9 +214,9 @@ For more information, see [this issue](https://github.com/dev-sec/ansible-collec
   - Type: str
   - Required: no
 - `ssh_gateway_ports`
-  - Default: `false`
+  - Default: `False`
   - Description: Set to `false` to disable binding forwarded ports to non-loopback addresses. Set to `true` to force binding on wildcard address. Set to `clientspecified` to allow the client to specify which address to bind to.
-  - Type: bool
+  - Type: raw
   - Required: no
 - `ssh_gssapi_delegation`
   - Default: `false`
@@ -404,6 +403,11 @@ For more information, see [this issue](https://github.com/dev-sec/ansible-collec
   - Description: a list of revoked public keys that the ssh server will always reject, useful to revoke known weak or compromised keys.
   - Type: list
   - Required: no
+- `ssh_server_service_enabled`
+  - Default: `true`
+  - Description: Set to `false` to disable starting sshd at boot.
+  - Type: bool
+  - Required: no
 - `ssh_trusted_user_ca_keys`
   - Default: ``
   - Description: set the trusted certificate authorities public keys used to sign user certificates. Only used if `ssh_trusted_user_ca_keys_file` is set.