diff options
| author | Aaron LI <aly@aaronly.me> | 2019-09-19 10:03:37 +0800 |
|---|---|---|
| committer | Aaron LI <aly@aaronly.me> | 2019-09-19 10:03:37 +0800 |
| commit | a217f32c28999f6798442bc2b721900859dca766 (patch) | |
| tree | 687e3a9a24aab1c1a30bad33bb8b6435dfc9043d /roles | |
| parent | 322d84e087719b689260264afbb8408ba8868c6f (diff) | |
| download | ansible-dfly-vps-a217f32c28999f6798442bc2b721900859dca766.tar.bz2 | |
bootstrap: Disable password login for SSH
Diffstat (limited to 'roles')
| -rw-r--r-- | roles/bootstrap/tasks/main.yml | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/roles/bootstrap/tasks/main.yml b/roles/bootstrap/tasks/main.yml index 24f4c82..806902d 100644 --- a/roles/bootstrap/tasks/main.yml +++ b/roles/bootstrap/tasks/main.yml @@ -59,6 +59,14 @@ validate: "sshd -t -f %s" notify: restart-sshd +- name: SSH - disable password login + lineinfile: + path: /etc/ssh/sshd_config + regexp: "^#?PasswordAuthentication" + line: "PasswordAuthentication no" + validate: "sshd -t -f %s" + notify: restart-sshd + - name: SSH - disable empty password login lineinfile: path: /etc/ssh/sshd_config |