13 lines
724 B
YAML
13 lines
724 B
YAML
- name: Password based logins are disabled - only public key based logins are allowed.
|
|
lineinfile: dest=/etc/ssh/sshd_config regexp='^#?AuthenticationMethods' line='AuthenticationMethods publickey'
|
|
- lineinfile: dest=/etc/ssh/sshd_config regexp='^#?PasswordAuthentication' line='PasswordAuthentication no'
|
|
- lineinfile: dest=/etc/ssh/sshd_config regexp='^#?ChallengeResponseAuthentication' line='ChallengeResponseAuthentication no'
|
|
- lineinfile: dest=/etc/ssh/sshd_config regexp='^#?PubkeyAuthentication' line='PubkeyAuthentication yes'
|
|
- lineinfile: dest=/etc/ssh/sshd_config regexp='^PermitRootLogin' line='PermitRootLogin No'
|
|
|
|
- name: restart sshd
|
|
systemd:
|
|
state: restarted
|
|
daemon_reload: yes
|
|
name: sshd
|
|
|