- name: "Limit interactive session count to 2"
ssh_conf:
- regexp: '[\s]*MaxSessions"
+ regexp: '[\s]*MaxSessions'
values: "MaxSessions 2\n"
- name: Banner creation
regexp: '[\s]*ClientAliveCountMax'
values: "ClientAliveCountMax 0\n"
-- name: "Limit logins to members of {{ users['admin_user_name'] }} group"
+- name: "Limit logins to members of admin, keystone, and ironic groups"
ssh_conf:
regexp: '[\s]*AllowGroups'
- values: "AllowGroups {{ users['admin_user_name'] }}\n"
+ values: "AllowGroups {{ users['admin_user_name'] }} {{ keystone_system_group_name |default('keystone') }} {{ ironic_system_group_name | default('ironic') }}\n"
- name: "Disable SSH Support for User Known Hosts"
ssh_conf:
name: sshd
state: restarted
-- name : create a banner file
+- name: create a banner file
lineinfile:
path: /etc/banner
create: yes