2020-08-18 11:57:53 +02:00
|
|
|
---
|
|
|
|
- name: prohibit ssh login with password
|
|
|
|
become: yes
|
2020-11-21 19:41:19 +01:00
|
|
|
ansible.builtin.lineinfile:
|
2020-08-18 11:57:53 +02:00
|
|
|
path: /etc/ssh/sshd_config
|
|
|
|
regexp: '#PasswordAuthentication yes'
|
|
|
|
line: 'PasswordAuthentication no'
|
|
|
|
state: present
|
2020-12-25 20:56:42 +01:00
|
|
|
validate: "/usr/sbin/sshd -T -f %s"
|
2020-08-18 11:57:53 +02:00
|
|
|
notify: restart_sshd
|
2021-10-17 19:40:18 +02:00
|
|
|
|
|
|
|
- name: prohibit ssh login with password
|
|
|
|
become: yes
|
|
|
|
ansible.builtin.lineinfile:
|
|
|
|
path: /etc/ssh/sshd_config
|
|
|
|
regexp: 'PasswordAuthentication yes'
|
|
|
|
line: 'PasswordAuthentication no'
|
|
|
|
state: present
|
|
|
|
validate: "/usr/sbin/sshd -T -f %s"
|
|
|
|
notify: restart_sshd
|
|
|
|
|
|
|
|
|
|
|
|
- name: prohibit ssh root login with password
|
|
|
|
become: yes
|
|
|
|
ansible.builtin.lineinfile:
|
|
|
|
path: /etc/ssh/sshd_config
|
|
|
|
regexp: 'PermitRootLogin yes'
|
|
|
|
line: 'PermitRootLogin no'
|
|
|
|
state: present
|
|
|
|
validate: "/usr/sbin/sshd -T -f %s"
|
|
|
|
notify: restart_sshd
|