June
e3a29c422a
Some checks failed
/ Ansible Lint (push) Failing after 1m37s
This fixes ansible-lint no-handler complaints.
20 lines
732 B
YAML
20 lines
732 B
YAML
# Role and config created after: https://infosec.mozilla.org/guidelines/openssh
|
|
- name: deploy SSH server config
|
|
become: true
|
|
|
|
block:
|
|
- name: deploy `sshd_config`
|
|
ansible.builtin.template:
|
|
force: true
|
|
dest: /etc/ssh/sshd_config
|
|
mode: "0644"
|
|
owner: root
|
|
group: root
|
|
src: sshd_config.j2
|
|
notify:
|
|
# Reboot instead of just restarting the ssh service, since I don't know how Ansible reacts, when it restarts the service it probably needs for the connection.
|
|
- reboot the system
|
|
|
|
- name: deactivate short moduli
|
|
ansible.builtin.shell:
|
|
cmd: awk '$5 >= 3071' /etc/ssh/moduli > /etc/ssh/moduli.tmp && mv /etc/ssh/moduli.tmp /etc/ssh/moduli
|