diff options
author | Christian Pointner <equinox@spreadspace.org> | 2018-12-09 14:03:05 +0100 |
---|---|---|
committer | Christian Pointner <equinox@spreadspace.org> | 2018-12-09 14:03:05 +0100 |
commit | a02e756446b9b23beba6dcaa60845d1fa70488cb (patch) | |
tree | 3bade44762e3f85b4795b659a6c44ac363e92783 /roles/sshserver/tasks/main.yml | |
parent | refactoring sshserver role (diff) |
renamed sshserver role to sshd
Diffstat (limited to 'roles/sshserver/tasks/main.yml')
-rw-r--r-- | roles/sshserver/tasks/main.yml | 40 |
1 files changed, 0 insertions, 40 deletions
diff --git a/roles/sshserver/tasks/main.yml b/roles/sshserver/tasks/main.yml deleted file mode 100644 index e638905b..00000000 --- a/roles/sshserver/tasks/main.yml +++ /dev/null @@ -1,40 +0,0 @@ ---- -- name: install ssh-server - apt: - name: openssh-server - state: present - -- name: hardening ssh-server config - lineinfile: - regexp: "^#?\\s*{{ item.key }}" - line: "{{ item.key }} {{ item.value }}" - dest: /etc/ssh/sshd_config - mode: 0644 - with_dict: - IgnoreRhosts: "yes" - PermitRootLogin: "without-password" - PubkeyAuthentication: "yes" - HostbasedAuthentication: "no" - PermitEmptyPasswords: "no" - UseDNS: "no" - loop_control: - label: "{{ item.key }}" - notify: restart ssh - -- name: limit allowed users - lineinfile: - dest: /etc/ssh/sshd_config - regexp: "^AllowUsers" - line: "AllowUsers {{ ' '.join([ 'root' ] | union(ssh_allowusers_group | default([])) | union(ssh_allowusers_host | default([]))) }}" - notify: restart ssh - -- name: install ssh keys for root - authorized_key: - user: root - key: "{{ ssh_keys_root | join('\n') }}" - exclusive: yes - -- name: delete root password - user: - name: root - password: "!" |