This repository has been archived on 2020-06-04. You can view files and clone it, but cannot push or open issues or pull requests.
2020-04-08 01:30:18 +00:00
|
|
|
- name: Disable the root account
|
|
|
|
user:
|
|
|
|
name: root
|
|
|
|
password: '!'
|
|
|
|
password_lock: yes
|
|
|
|
notify:
|
|
|
|
- Disable SSH login for root
|
|
|
|
- Disable SSH password authentication
|
|
|
|
- name: Disable SSH login for root
|
|
|
|
replace:
|
|
|
|
path: /etc/ssh/sshd_config
|
|
|
|
regexp: "^.*PermitRootLogin.*$"
|
|
|
|
replace: "PermitRootLogin no"
|
|
|
|
notify:
|
|
|
|
- Reload SSH service
|
|
|
|
- name: Disable SSH password authentication
|
|
|
|
replace:
|
|
|
|
path: /etc/ssh/sshd_config
|
|
|
|
regexp: "^.*PasswordAuthentication.*$"
|
|
|
|
replace: "PasswordAuthentication no"
|
|
|
|
notify:
|
|
|
|
- Reload SSH service
|
|
|
|
- name: Reload SSH service
|
|
|
|
systemd:
|
|
|
|
name: ssh
|
|
|
|
state: reloaded
|