aboutsummaryrefslogtreecommitdiffstats
path: root/ansible/roles/common/tasks
diff options
context:
space:
mode:
Diffstat (limited to 'ansible/roles/common/tasks')
-rw-r--r--ansible/roles/common/tasks/main.yml21
1 files changed, 14 insertions, 7 deletions
diff --git a/ansible/roles/common/tasks/main.yml b/ansible/roles/common/tasks/main.yml
index b9b9c52..926d9d6 100644
--- a/ansible/roles/common/tasks/main.yml
+++ b/ansible/roles/common/tasks/main.yml
@@ -14,14 +14,21 @@
tags:
- role::common
-- name: Disable SSH password authentication
- lineinfile:
- dest: /etc/ssh/sshd_config
- regexp: "^PasswordAuthentication"
- line: "PasswordAuthentication no"
- state: present
+- name: Configure SSH daemon options
+ ansible.builtin.copy:
+ content: |
+ # Ansible managed
+
+ PasswordAuthentication no
+ PermitRootLogin no
+ ClientAliveInterval 300
+ ClientAliveCountMax 3
+ dest: /etc/ssh/sshd_config.d/pydis.conf
+ owner: root
+ group: root
+ mode: "0444"
notify:
- - Restart ssh
+ - Reload ssh
tags:
- role::common
generated by cgit v1.2.3 (git 2.39.1) at 2025-11-09 21:13:57 +0000