ssh playbook

From KobrAs, 4 Weeks ago, written in Plain Text, viewed 2 times.
URL https://paste.lug.ro/view/446504f1 Embed
Download Paste or View Raw
  1. ---
  2.  - hosts: all
  3.    vars:
  4.      - chroot_password: ''
  5.    gather_facts: no
  6.    remote_user: ubuntu
  7.    become: true
  8. tasks:
  9. - name: generic user
  10.      user:
  11.           name: chroot
  12.           shell: /bin/bash
  13.           password: "{{ chroot_password }}"
  14. - name: Add chroot user to the sudoers
  15.      copy:
  16.           dest: "/etc/sudoers.d/chroot"
  17.           content: "chroot  ALL=(ALL)  NOPASSWD: ALL"
  18. - name: Deploy SSH Key
  19.      authorized_key: user=chroot
  20.                      key="{{ lookup('file', '/home/chroot/.ssh/id_rsa.pub') }}"
  21.                      state=present
  22. - name: Disable Password Authentication
  23.      lineinfile:
  24.            dest=/etc/ssh/sshd_config
  25.            regexp='^PasswordAuthentication'
  26.            line="PasswordAuthentication no"
  27.            state=present
  28.            backup=yes
  29. - name: Disable Root Login
  30.      lineinfile:
  31.            dest=/etc/ssh/sshd_config
  32.            regexp='^PermitRootLogin'
  33.            line="PermitRootLogin without-password"
  34.            state=present
  35.            backup=yes
  36.      notify:
  37.        - restart ssh
  38. handlers:
  39.    - name: restart ssh
  40.      service:
  41.        name=sshd
  42.        state=restarted

Reply to "ssh playbook"

Here you can reply to the paste above

captcha