lab-ansible/roles/common/templates/etc/ssh/sshd_config.j2

31 lines
553 B
Plaintext
Raw Normal View History

2023-11-07 21:15:20 +00:00
# code: language=ansible-jinja
Include /etc/ssh/sshd_config.d/*.conf
Port 22
AddressFamily any
ListenAddress 0.0.0.0
ListenAddress ::
MaxAuthTries 3
PubkeyAuthentication yes
{% if hostname in groups['infrastructure'] %}
PermitRootLogin yes
{% else %}
PermitRootLogin no
{% endif %}
PermitEmptyPasswords no
PasswordAuthentication no
IgnoreRhosts yes
UsePAM yes
AllowAgentForwarding no
X11Forwarding no
PrintMotd no
UseDNS no
AcceptEnv LANG LC_*
{% if hostname in groups['infrastructure'] %}
Match User root
PasswordAuthentication yes
{% endif %}