17 lines
463 B
YAML
17 lines
463 B
YAML
- name: Ensure sshd has AuthorizedKeysCommand
|
|
lineinfile:
|
|
state: present
|
|
path: /etc/ssh/sshd_config
|
|
regexp: '^#AuthorizedKeysCommand'
|
|
line: 'AuthorizedKeysCommand /usr/bin/sss_ssh_authorizedkeys'
|
|
notify: restart sshd
|
|
|
|
- name: Ensure sshd has AuthorizedKeysCommandUser
|
|
lineinfile:
|
|
state: present
|
|
path: /etc/ssh/sshd_config
|
|
regexp: '^#AuthorizedKeysCommandUser'
|
|
line: 'AuthorizedKeysCommandUser nobody'
|
|
notify: restart sshd
|
|
|