Diffstat (limited to 'roles/sshd')
-rw-r--r-- | roles/sshd/tasks/main.yml | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/roles/sshd/tasks/main.yml b/roles/sshd/tasks/main.yml
index d73d778b..a9393cfd 100644
--- a/roles/sshd/tasks/main.yml
+++ b/roles/sshd/tasks/main.yml
@@ -27,12 +27,21 @@
 notify: restart ssh
 - name: limit allowed users
+ when: ssh_allow_any_user is undefined or not ssh_allow_any_user
 lineinfile:
 dest: /etc/ssh/sshd_config
- regexp: "^AllowUsers"
+ regexp: "^AllowUsers\\s"
 line: "AllowUsers {{ ' '.join([ 'root' ] | union(ssh_allowusers_group | default([])) | union(ssh_allowusers_host | default([]))) }}"
 notify: restart ssh
+- name: allow any user
+ when: ssh_allow_any_user is defined and ssh_allow_any_user
+ lineinfile:
+ dest: /etc/ssh/sshd_config
+ regexp: "^AllowUsers\\s"
+ state: absent
+ notify: restart ssh
+
 - name: install ssh keys for root
 authorized_key:
 user: root |
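Review bot: Both new `when:` conditions test `ssh_allow_any_user` by plain truthiness, so a value that arrives as a string (for example from `-e ssh_allow_any_user=false` or an INI inventory) is likely to be treated as true, and the `allow any user` task would then delete the `AllowUsers` line and leave sshd without its allow-list. Because this switch removes an access restriction it should fail closed: `when: not (ssh_allow_any_user | default(false) | bool)` on `limit allowed users` and `when: ssh_allow_any_user | default(false) | bool` on `allow any user`. A one-line comment above the new task, such as `# removes the AllowUsers allow-list; any account that can authenticate may then log in`, would also make the effect visible to whoever sets the variable in host or group vars.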