[FIX] sshd_config broken with root only and centos sftp
This commit is contained in:
parent
4c11ea5dfe
commit
11174830cf
|
|
@ -4,8 +4,8 @@
|
||||||
# SSH
|
# SSH
|
||||||
- name: setup - Copy sshd_config
|
- name: setup - Copy sshd_config
|
||||||
become: yes
|
become: yes
|
||||||
copy:
|
template:
|
||||||
src: "{{ role_path }}/files/sshd_config"
|
src: "{{ role_path }}/templates/sshd_config.j2"
|
||||||
dest: "/etc/ssh/sshd_config"
|
dest: "/etc/ssh/sshd_config"
|
||||||
backup: yes
|
backup: yes
|
||||||
notify:
|
notify:
|
||||||
|
|
|
||||||
|
|
@ -18,7 +18,11 @@ LogLevel VERBOSE
|
||||||
|
|
||||||
# Authentication:
|
# Authentication:
|
||||||
#LoginGraceTime 2m
|
#LoginGraceTime 2m
|
||||||
|
{% if 'root' == ansible_user_id %}
|
||||||
|
PermitRootLogin yes
|
||||||
|
{% else %}
|
||||||
PermitRootLogin no
|
PermitRootLogin no
|
||||||
|
{% endif %}
|
||||||
#StrictModes yes
|
#StrictModes yes
|
||||||
MaxAuthTries 2
|
MaxAuthTries 2
|
||||||
MaxSessions 2
|
MaxSessions 2
|
||||||
|
|
@ -59,7 +63,11 @@ UseDNS no
|
||||||
AcceptEnv LANG LC_*
|
AcceptEnv LANG LC_*
|
||||||
|
|
||||||
# Log sftp level file access (read/write/etc.) that would not be easily logged otherwise.
|
# Log sftp level file access (read/write/etc.) that would not be easily logged otherwise.
|
||||||
|
{% if ((override_os_family is defined) | ternary(override_os_family,ansible_os_family)) == 'Centos' %}
|
||||||
|
Subsystem sftp /usr/libexec/openssh/sftp-server -f AUTHPRIV -l INFO
|
||||||
|
{% else %}
|
||||||
Subsystem sftp /usr/lib/openssh/sftp-server -f AUTHPRIV -l INFO
|
Subsystem sftp /usr/lib/openssh/sftp-server -f AUTHPRIV -l INFO
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
# Example of overriding settings on a per-user basis
|
# Example of overriding settings on a per-user basis
|
||||||
#Match User anoncvs
|
#Match User anoncvs
|
||||||
Loading…
Reference in a new issue