From d3af1320c91a611bcfe5209ce9b4a83ee0d8881b Mon Sep 17 00:00:00 2001 From: Jeremy Lecour Date: Wed, 14 Jun 2017 15:53:15 +0200 Subject: [PATCH] SSH: log level to verbose for Stretch and later --- evolinux-base/tasks/ssh.yml | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/evolinux-base/tasks/ssh.yml b/evolinux-base/tasks/ssh.yml index d83e95d8..ddfbd38c 100644 --- a/evolinux-base/tasks/ssh.yml +++ b/evolinux-base/tasks/ssh.yml @@ -30,6 +30,7 @@ dest: /etc/ssh/sshd_config regexp: '^PermitRootLogin (yes|without-password)' replace: "PermitRootLogin no" + notify: reload sshd when: evolinux_ssh_disable_root - name: disable AcceptEnv in ssh config @@ -37,6 +38,17 @@ dest: /etc/ssh/sshd_config regexp: '^AcceptEnv' replace: "#AcceptEnv" + notify: reload sshd when: evolinux_ssh_disable_acceptenv +- name: Set log level to verbose (for Debian >= 9) + replace: + dest: /etc/ssh/sshd_config + regexp: '^LogLevel [A-Z]+' + replace: "LogLevel VERBOSE" + notify: reload sshd + when: + - ansible_distribution == "Debian" + - ansible_distribution_major_version | version_compare('9.0', '>=') + - meta: flush_handlers