Adding initial files
This commit is contained in:
5
roles/ssh/handlers/main.yml
Normal file
5
roles/ssh/handlers/main.yml
Normal file
@@ -0,0 +1,5 @@
|
||||
---
|
||||
- name: restart ssh
|
||||
service:
|
||||
name: ssh
|
||||
state: restarted
|
||||
34
roles/ssh/tasks/main.yml
Normal file
34
roles/ssh/tasks/main.yml
Normal file
@@ -0,0 +1,34 @@
|
||||
---
|
||||
- name: Remove any PermitRootLogin instruction
|
||||
lineinfile:
|
||||
dest: /etc/ssh/sshd_config
|
||||
regexp: "^PermitRootLogin"
|
||||
state: absent
|
||||
notify: restart ssh
|
||||
|
||||
- name: Disable SSH root login
|
||||
lineinfile:
|
||||
dest: /etc/ssh/sshd_config
|
||||
regexp: "^PermitRootLogin"
|
||||
line: "PermitRootLogin prohibit-password"
|
||||
state: present
|
||||
notify: restart ssh
|
||||
|
||||
- name: Disable password authentication
|
||||
lineinfile:
|
||||
dest: /etc/ssh/sshd_config
|
||||
regexp: "^#?PasswordAuthentication"
|
||||
line: "PasswordAuthentication no"
|
||||
state: present
|
||||
notify: restart ssh
|
||||
|
||||
- name: Set SSH port
|
||||
lineinfile:
|
||||
dest: /etc/ssh/sshd_config
|
||||
regexp: "^Port"
|
||||
line: "Port {{sshd_port}}"
|
||||
state: present
|
||||
notify: restart ssh
|
||||
|
||||
- name: Test
|
||||
lineinfile
|
||||
Reference in New Issue
Block a user