might not end up in right state if duplicates exist #13
Description
Possibly you should update your code to first clean all duplicates:
https://stackoverflow.com/questions/65228192/ansible-disable-ssh-password-authentication
Something like:
-
name: clean duplicates
replace:
path: '/etc/ssh/sshd_config'
after: 'PasswordAuthentication'
regexp: '^(.)PasswordAuthentication(.)$'
replace: '' -
name: clean duplicates
replace:
path: '/etc/ssh/sshd_config'
after: 'PermitEmptyPasswords'
regexp: '^(.)PermitEmptyPasswords(.)$'
replace: '' -
name: clean duplicates
replace:
path: '/etc/ssh/sshd_config'
after: 'PermitRootLogin'
regexp: '^(.)PermitRootLogin(.)$'
replace: '' -
name: set password login no
lineinfile:
path: '/etc/ssh/shd_config'
regexp: '^(.)PasswordAuthentication(.)$'
line: 'PasswordAuthentication no'
notify: restart sshd -
name: Disable empty password login
lineinfile:
path: '/etc/ssh/shd_config'
regexp: '^(.)PermitEmptyPasswords(.)$'
line: 'PermitEmptyPasswords no'
notify: restart sshd -
name: Disable remote root login
lineinfile:
path: '/etc/ssh/shd_config'
regexp: '^(.)PermitRootLogin(.)$'
line: 'PermitRootLogin no'
notify: restart sshd