vn-ansible/linux/base-config-debian/roles/hardnening-config-root-user/tasks/main.yaml

33 lines
717 B
YAML
Raw Normal View History

2023-10-13 07:08:54 +00:00
---
# delete default user , only on VM
- name: delete default user , only on VM
user:
name: "{{ name_user }}"
state: absent
remove: yes
tags:
- delete-user
# change root password
- name: change root password
user:
name: root
password: "{{ ssh_password | password_hash('sha512') }}"
# config sshd_config file , no root password
- name: change sshd_config to no root password
copy:
src: /etc/ssh/sshd_config.orig
dest: /etc/ssh/sshd_config
2023-10-13 08:05:38 +00:00
remote_src: yes
2023-10-13 07:08:54 +00:00
owner: root
group: root
mode: '0644'
# delete file sshd_config.orig
- name: delete /etc/ssh/sshd_config.orig file
file:
path: /etc/ssh/sshd_config.orig
state: absent
notify: Restart ssh service