forked from evolix/ansible-roles
Update PermitRootLogin task to work on Debian 11
This commit is contained in:
parent
050c61c220
commit
519ef930df
|
@ -16,6 +16,9 @@ The **patch** part changes is incremented if multiple releases happen the same m
|
||||||
|
|
||||||
### Fixed
|
### Fixed
|
||||||
|
|
||||||
|
* evolinux-base : Update PermitRootLogin task to work on Debian 11
|
||||||
|
* evolinux-user : Update PermitRootLogin task to work on Debian 11
|
||||||
|
|
||||||
### Removed
|
### Removed
|
||||||
|
|
||||||
### Security
|
### Security
|
||||||
|
|
|
@ -91,7 +91,7 @@
|
||||||
- name: disable SSH access for root
|
- name: disable SSH access for root
|
||||||
replace:
|
replace:
|
||||||
dest: /etc/ssh/sshd_config
|
dest: /etc/ssh/sshd_config
|
||||||
regexp: '^PermitRootLogin (yes|without-password|prohibit-password)'
|
regexp: '^#?PermitRootLogin (yes|without-password|prohibit-password)'
|
||||||
replace: "PermitRootLogin no"
|
replace: "PermitRootLogin no"
|
||||||
validate: '/usr/sbin/sshd -t -f %s'
|
validate: '/usr/sbin/sshd -t -f %s'
|
||||||
notify: reload sshd
|
notify: reload sshd
|
||||||
|
|
|
@ -56,7 +56,7 @@
|
||||||
- name: disable root login
|
- name: disable root login
|
||||||
replace:
|
replace:
|
||||||
dest: /etc/ssh/sshd_config
|
dest: /etc/ssh/sshd_config
|
||||||
regexp: '^PermitRootLogin (yes|without-password|prohibit-password)'
|
regexp: '^#PermitRootLogin (yes|without-password|prohibit-password)'
|
||||||
replace: "PermitRootLogin no"
|
replace: "PermitRootLogin no"
|
||||||
notify: reload sshd
|
notify: reload sshd
|
||||||
when: evolinux_root_disable_ssh | bool
|
when: evolinux_root_disable_ssh | bool
|
||||||
|
|
Loading…
Reference in a new issue