vm-ansible/roles/common/tasks/ssh-security-settings.yaml
Kristóf Torma 52f7e7e153
Some checks failed
continuous-integration/drone/push Build is failing
remove fqdn
2023-08-30 23:13:59 +02:00

25 lines
527 B
YAML

---
- name: Disable root authentication
replace:
path: /etc/ssh/sshd_config
regexp: '#PermitRootLogin prohibit-password'
replace: 'PermitRootLogin no'
- name: Disable X11 forwarding
replace:
path: /etc/ssh/sshd_config
regexp: 'X11Forwarding yes'
replace: 'X11Forwarding no'
- name: Explicitly only listen on ipv4
replace:
path: /etc/ssh/sshd_config
regexp: '#AddressFamily any'
replace: 'AddressFamily inet'
- name: "Restart sshd"
service:
name: sshd
state: restarted
...