31 lines
553 B
Django/Jinja
31 lines
553 B
Django/Jinja
# code: language=ansible-jinja
|
|
Include /etc/ssh/sshd_config.d/*.conf
|
|
|
|
Port 22
|
|
AddressFamily any
|
|
ListenAddress 0.0.0.0
|
|
ListenAddress ::
|
|
|
|
MaxAuthTries 3
|
|
PubkeyAuthentication yes
|
|
{% if hostname in groups['infrastructure'] %}
|
|
PermitRootLogin yes
|
|
{% else %}
|
|
PermitRootLogin no
|
|
{% endif %}
|
|
PermitEmptyPasswords no
|
|
PasswordAuthentication no
|
|
IgnoreRhosts yes
|
|
UsePAM yes
|
|
|
|
AllowAgentForwarding no
|
|
X11Forwarding no
|
|
PrintMotd no
|
|
UseDNS no
|
|
AcceptEnv LANG LC_*
|
|
|
|
{% if hostname in groups['infrastructure'] %}
|
|
Match User root
|
|
PasswordAuthentication yes
|
|
{% endif %}
|