47 lines
1.4 KiB
YAML
47 lines
1.4 KiB
YAML
---
|
|
# - name: Change ssh port
|
|
# lineinfile: dest=/etc/ssh/sshd_config
|
|
# regexp="^Port\s"
|
|
# line="Port {{ centos_common_ssh_port }}"
|
|
# state=present
|
|
# notify: Restart ssh
|
|
|
|
# - name: Disallow password authentication
|
|
# lineinfile: dest=/etc/ssh/sshd_config
|
|
# regexp="^PasswordAuthentication"
|
|
# line="PasswordAuthentication no"
|
|
# state=present
|
|
# notify: Restart ssh
|
|
|
|
#- name: Allow SSH root access without password
|
|
# lineinfile: dest=/etc/ssh/sshd_config
|
|
# regexp="^PermitRootLogin"
|
|
# line="PermitRootLogin without-password"
|
|
# state=present
|
|
# notify: Restart ssh
|
|
|
|
- name: Installation de la configuration ssh
|
|
template:
|
|
src: "{{ item }}"
|
|
dest: /etc/ssh/sshd_config
|
|
owner: root
|
|
group: root
|
|
mode: 0600
|
|
backup: 'yes'
|
|
validate: '/usr/sbin/sshd -t -f %s'
|
|
|
|
with_first_found:
|
|
- files:
|
|
- sshd_config-{{ ansible_hostname }}.j2
|
|
- sshd_config-{{ ansible_os_family }}-{{ ansible_distribution_major_version }}.j2
|
|
- sshd_config.j2
|
|
# paths:
|
|
# - ../templates
|
|
notify: Restart ssh
|
|
|
|
#- name: Installation de la configuration ssh
|
|
# template: src="templates/sshd_config--{{ ansible_os_family }}-{{ ansible_distribution_major_version }}.j2" dest=/etc/ssh/sshd_config owner=root group=root mode=0600
|
|
# when:
|
|
# - ansible_os_family == "RedHat"
|
|
# - ansible_distribution_major_version == "7"
|
|
# notify: Restart ssh
|