diff options
| author | spmfox <spmfox@foxwd.com> | 2025-04-23 22:22:39 -0400 |
|---|---|---|
| committer | spmfox <spmfox@foxwd.com> | 2025-04-23 22:22:39 -0400 |
| commit | 87a216322a8a858b35ffb1a426ebbadc1395c0df (patch) | |
| tree | be354c436fb5f30422b2a3f43c5cf852da2735e6 /roles/host/tasks/ssh-harden.yml | |
| parent | 33af7561882425e6e1a2d3ed56e46f2c5a10033f (diff) | |
Added handler logic in host role, added ssh hardening
Diffstat (limited to 'roles/host/tasks/ssh-harden.yml')
| -rw-r--r-- | roles/host/tasks/ssh-harden.yml | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/roles/host/tasks/ssh-harden.yml b/roles/host/tasks/ssh-harden.yml new file mode 100644 index 0000000..2df5bb2 --- /dev/null +++ b/roles/host/tasks/ssh-harden.yml @@ -0,0 +1,9 @@ +- name: Disable SSH password authentication + ansible.builtin.lineinfile: + dest: "/etc/ssh/sshd_config" + regexp: "^PasswordAuthentication" + line: "PasswordAuthentication no" + state: "present" + validate: "sshd -t -f %s" + notify: + - Restart sshd |