From 62ea3f550f722f7719b54b1e4db446cdbcfde140 Mon Sep 17 00:00:00 2001
From: Christian Pointner <equinox@spreadspace.org>
Date: Wed, 12 Feb 2020 12:03:34 +0100
Subject: sshd: make ssh-allow-any-user check nicer

---
 roles/sshd/tasks/main.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'roles/sshd/tasks')

diff --git a/roles/sshd/tasks/main.yml b/roles/sshd/tasks/main.yml
index a9393cfd..5eb15081 100644
--- a/roles/sshd/tasks/main.yml
+++ b/roles/sshd/tasks/main.yml
@@ -27,7 +27,7 @@
   notify: restart ssh
 
 - name: limit allowed users
-  when: ssh_allow_any_user is undefined or not ssh_allow_any_user
+  when: not ssh_allow_any_user
   lineinfile:
     dest: /etc/ssh/sshd_config
     regexp: "^AllowUsers\\s"
@@ -35,7 +35,7 @@
   notify: restart ssh
 
 - name: allow any user
-  when: ssh_allow_any_user is defined and ssh_allow_any_user
+  when: ssh_allow_any_user
   lineinfile:
     dest: /etc/ssh/sshd_config
     regexp: "^AllowUsers\\s"
-- 
cgit v1.2.3