aboutsummaryrefslogtreecommitdiff
path: root/roles/sshd/tasks
diff options
context:
space:
mode:
authorJohannes Stoelp <johannes.stoelp@gmail.com>2022-12-05 21:42:17 +0100
committerJohannes Stoelp <johannes.stoelp@gmail.com>2022-12-05 21:42:17 +0100
commit3b040fac09eb158caf963d7c956610f99f8e0c17 (patch)
treea39b2297abf2d404e1c974aebdd2fb17ffa2de69 /roles/sshd/tasks
downloadansible-memzero-3b040fac09eb158caf963d7c956610f99f8e0c17.tar.gz
ansible-memzero-3b040fac09eb158caf963d7c956610f99f8e0c17.zip
initial ansible setup
Diffstat (limited to 'roles/sshd/tasks')
-rw-r--r--roles/sshd/tasks/main.yml13
1 files changed, 13 insertions, 0 deletions
diff --git a/roles/sshd/tasks/main.yml b/roles/sshd/tasks/main.yml
new file mode 100644
index 0000000..c4dd9ea
--- /dev/null
+++ b/roles/sshd/tasks/main.yml
@@ -0,0 +1,13 @@
+---
+- name: Configure sshd
+ become: True
+ lineinfile:
+ dest: "/etc/ssh/sshd_config"
+ regexp: "{{ item.regex }}"
+ line: "{{ item.line }}"
+ notify: Restart sshd
+ loop:
+ - { regex: '^(#\s*)?PermitEmptyPasswords' , line: 'PermitEmptyPasswords no' }
+ - { regex: '^(#\s*)?PermitRootLogin' , line: 'PermitRootLogin no' }
+ - { regex: '^(#\s*)?PasswordAuthentication', line: 'PasswordAuthentication no' }
+ - { regex: '^(#\s*)?UsePAM' , line: 'UsePAM yes' } \ No newline at end of file