mirror of
https://github.com/willshersystems/ansible-sshd
synced 2024-11-08 12:53:29 +01:00
16 lines
540 B
YAML
16 lines
540 B
YAML
---
|
|
- name: Manage root login
|
|
hosts: all
|
|
tasks:
|
|
- name: Configure sshd to prevent root and password login except from particular subnet
|
|
ansible.builtin.include_role:
|
|
name: ansible-sshd
|
|
vars:
|
|
sshd_config:
|
|
# root login and password login is enabled only from a particular subnet
|
|
PermitRootLogin: false
|
|
PasswordAuthentication: false
|
|
Match:
|
|
- Condition: "Address 192.0.2.0/24"
|
|
PermitRootLogin: true
|
|
PasswordAuthentication: true
|