Bertrand Lanson
edf6d4b74e
Some checks failed
test / Linting (push) Failing after 11s
test / Molecule tests (default, debian11) (push) Has been skipped
test / Molecule tests (default, debian12) (push) Has been skipped
test / Molecule tests (default, ubuntu2004) (push) Has been skipped
test / Molecule tests (default, ubuntu2204) (push) Has been skipped
test / Molecule tests (with_ssh_keys, debian11) (push) Has been skipped
test / Molecule tests (with_ssh_keys, debian12) (push) Has been skipped
test / Molecule tests (with_ssh_keys, ubuntu2004) (push) Has been skipped
test / Molecule tests (with_ssh_keys, ubuntu2204) (push) Has been skipped
26 lines
693 B
YAML
26 lines
693 B
YAML
---
|
|
# task/configure_host file for provision_management_user
|
|
- name: "Lock root password authentication"
|
|
ansible.builtin.lineinfile:
|
|
dest: /etc/ssh/sshd_config
|
|
regexp: '^PasswordAuthentication'
|
|
line: "PasswordAuthentication no"
|
|
state: present
|
|
backup: yes
|
|
notify:
|
|
- systemctl-restart-sshd
|
|
when: provision_management_user_disable_root_password_auth
|
|
become: true
|
|
|
|
- name: "Lock root authentication"
|
|
ansible.builtin.lineinfile:
|
|
dest: /etc/ssh/sshd_config
|
|
regexp: '^PermitRootLogin'
|
|
line: "PermitRootLogin no"
|
|
state: present
|
|
backup: yes
|
|
notify:
|
|
- systemctl-restart-sshd
|
|
when: provision_management_user_disable_root_login
|
|
become: true
|