31 lines
808 B
YAML
31 lines
808 B
YAML
- name: Disable the root account
|
|
user:
|
|
name: root
|
|
password: '!'
|
|
password_lock: yes
|
|
notify:
|
|
- Disable SSH login for root
|
|
- Disable SSH password authentication
|
|
- name: Disable SSH login for root
|
|
replace:
|
|
path: /etc/ssh/sshd_config
|
|
regexp: "^.*PermitRootLogin.*$"
|
|
replace: "PermitRootLogin no"
|
|
notify:
|
|
- Reload SSH service
|
|
- name: Disable SSH password authentication
|
|
replace:
|
|
path: /etc/ssh/sshd_config
|
|
regexp: "^.*PasswordAuthentication.*$"
|
|
replace: "PasswordAuthentication no"
|
|
notify:
|
|
- Reload SSH service
|
|
- name: Reload SSH service
|
|
systemd:
|
|
name: ssh
|
|
state: reloaded
|
|
- name: Enable and restart iptables
|
|
systemd:
|
|
name: netfilter-persistent
|
|
state: restarted
|