summaryrefslogtreecommitdiff
path: root/roles/sshd/tasks/main.yml
diff options
context:
space:
mode:
Diffstat (limited to 'roles/sshd/tasks/main.yml')
-rw-r--r--roles/sshd/tasks/main.yml11
1 files changed, 10 insertions, 1 deletions
diff --git a/roles/sshd/tasks/main.yml b/roles/sshd/tasks/main.yml
index d73d778b..a9393cfd 100644
--- a/roles/sshd/tasks/main.yml
+++ b/roles/sshd/tasks/main.yml
@@ -27,12 +27,21 @@
notify: restart ssh
- name: limit allowed users
+ when: ssh_allow_any_user is undefined or not ssh_allow_any_user
lineinfile:
dest: /etc/ssh/sshd_config
- regexp: "^AllowUsers"
+ regexp: "^AllowUsers\\s"
line: "AllowUsers {{ ' '.join([ 'root' ] | union(ssh_allowusers_group | default([])) | union(ssh_allowusers_host | default([]))) }}"
notify: restart ssh
+- name: allow any user
+ when: ssh_allow_any_user is defined and ssh_allow_any_user
+ lineinfile:
+ dest: /etc/ssh/sshd_config
+ regexp: "^AllowUsers\\s"
+ state: absent
+ notify: restart ssh
+
- name: install ssh keys for root
authorized_key:
user: root
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-01 05:22:30 +0000