add ssh authorized keys command
@@ -3,3 +3,7 @@
|
|||||||
name: sssd
|
name: sssd
|
||||||
state: restarted
|
state: restarted
|
||||||
|
|
||||||
|
- name: restart sshd
|
||||||
|
service:
|
||||||
|
name: sshd
|
||||||
|
state: restarted
|
||||||
|
|||||||
@@ -1,3 +1,4 @@
|
|||||||
- import_tasks: install.yaml
|
- import_tasks: install.yaml
|
||||||
- import_tasks: authselect.yaml
|
- import_tasks: authselect.yaml
|
||||||
- import_tasks: nsswitch.yaml
|
- import_tasks: nsswitch.yaml
|
||||||
|
- import_tasks: sshd.yaml
|
||||||
|
|||||||
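--- a/ansible/roles/ldap_client/tasks/sshd.yaml
+++ b/ansible/roles/ldap_client/tasks/sshd.yaml
@@ -0,0 +1,14 @@
+- name: Ensure sshd has AuthorizedKeysCommand
+lineinfile:
+path: /etc/ssh/sshd_config
+regexp: '^AuthorizedKeysCommand'
+line: 'AuthorizedKeysCommand /usr/bin/sss_ssh_authorizedkeys'
+notify: restart sshd
+
+- name: Ensure sshd has AuthorizedKeysCommandUser
+lineinfile:
+path: /etc/ssh/sshd_config
+regexp: '^AuthorizedKeysCommandUser'
+line: 'AuthorizedKeysCommandUser nobody'
+notify: restart sshd
+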
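Review bot: The first task's `regexp: '^AuthorizedKeysCommand'` is also a prefix of `AuthorizedKeysCommandUser`, so once both lines exist lineinfile (which replaces the last matching line) overwrites the `AuthorizedKeysCommandUser nobody` line, the second task re-appends it, and every run reports a change and restarts sshd. Anchoring the pattern avoids this, e.g. `regexp: '^AuthorizedKeysCommand\s'`. Both tasks also write /etc/ssh/sshd_config without a syntax check; adding `validate: '/usr/sbin/sshd -t -f %s'` (binary path assumed, confirm for the target distro) keeps a broken file from being written before the `restart sshd` handler fires and locks out remote access. Because unmatched lines are appended at end of file, they would fall inside a trailing `Match` block if the file has one, so `insertbefore: '^Match'` is worth considering.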