aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorEmil Renner Berthing <esmil@labitat.dk>2020-02-27 18:00:18 +0100
committerEmil Renner Berthing <esmil@labitat.dk>2020-02-27 18:00:18 +0100
commit4a839b51c24a6587f498272e0d26041404577d90 (patch)
treec3a14824a9adff43b26a782857e7217796cf670e
parent4c4ec997ff50631fb83d6772b3e349bd9bf784b3 (diff)
downloadlabitat-ansible-4a839b51c24a6587f498272e0d26041404577d90.tar.gz
labitat-ansible-4a839b51c24a6587f498272e0d26041404577d90.tar.xz
labitat-ansible-4a839b51c24a6587f498272e0d26041404577d90.zip
debian: sshd: set PermitRootLogin no
-rw-r--r--roles/debian/tasks/sshd.yml4
1 files changed, 3 insertions, 1 deletions
diff --git a/roles/debian/tasks/sshd.yml b/roles/debian/tasks/sshd.yml
index c342604..03f3279 100644
--- a/roles/debian/tasks/sshd.yml
+++ b/roles/debian/tasks/sshd.yml
@@ -29,9 +29,11 @@
regexp: '{{ item.regexp }}'
line: '{{ item.line }}'
with_items:
+ - regexp: '^[# ]*PermitRootLogin'
+ line: 'PermitRootLogin no'
- regexp: '^[# ]*PasswordAuthentication'
line: 'PasswordAuthentication no'
- - regexp: '^#*GSSAPIAuthentication'
+ - regexp: '^[# ]*GSSAPIAuthentication'
line: 'GSSAPIAuthentication no'
notify: restart sshd