You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
33 lines
959 B
YAML
33 lines
959 B
YAML
---
|
|
- name: Restrict SSH to public key authentication
|
|
lineinfile:
|
|
path: /etc/ssh/sshd_config
|
|
regexp: '^#?AuthenticationMethods '
|
|
line: 'AuthenticationMethods publickey'
|
|
when: not ssh_allow_password
|
|
notify: reload sshd service
|
|
|
|
- name: Disable SSH password authentication
|
|
lineinfile:
|
|
path: /etc/ssh/sshd_config
|
|
regexp: '^#?PasswordAuthentication '
|
|
line: 'PasswordAuthentication no'
|
|
when: not ssh_allow_password
|
|
notify: reload sshd service
|
|
|
|
- name: Restrict SSH to public key and password authentication
|
|
lineinfile:
|
|
path: /etc/ssh/sshd_config
|
|
regexp: '^#?AuthenticationMethods '
|
|
line: 'AuthenticationMethods publickey password'
|
|
when: ssh_allow_password
|
|
notify: reload sshd service
|
|
|
|
- name: Enable SSH password authentication
|
|
lineinfile:
|
|
path: /etc/ssh/sshd_config
|
|
regexp: '^#?PasswordAuthentication '
|
|
line: 'PasswordAuthentication yes'
|
|
when: ssh_allow_password
|
|
notify: reload sshd service
|