diff options
author | Lars Wirzenius <liw@liw.fi> | 2020-04-19 09:45:33 +0300 |
---|---|---|
committer | Lars Wirzenius <liw@liw.fi> | 2020-04-19 12:15:33 +0300 |
commit | 82cfb707506fb5b516c9f0a82e8cedcb507a9444 (patch) | |
tree | 64b41ba94d198e2e594e7d6e7f6d838d9fb2dc23 /v-i.yml | |
parent | 6acb44e30d71477e1a1e34016e4e5909cc9528cb (diff) | |
download | v-i-82cfb707506fb5b516c9f0a82e8cedcb507a9444.tar.gz |
Change: disable password authentication over ssh
Diffstat (limited to 'v-i.yml')
-rw-r--r-- | v-i.yml | 10 |
1 files changed, 9 insertions, 1 deletions
@@ -48,6 +48,12 @@ iface eth0 inet6 auto dest: /etc/network/interfaces.d/wired + - name: "restrict root logins over ssh" + lineinfile: + path: /etc/ssh/sshd_config + regex: "#* *PasswordAuthentication" + line: "PasswordAuthentication no" + - name: "copy rootfs tarball" copy: src: "{{ rootfs_tarball }}" @@ -56,7 +62,9 @@ - name: "add my ssh pub key to root's authorized keys" authorized_key: user: root - key: "{{ lookup('file', '/home/liw/.ssh/liw-openpgp.pub') }}" + key: "{{ user_pub }}" vars: hostname: v-i + user_pub: | + ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDAlECa3tbFGXhB3Zh/4/GhM11THOThVfiuLqqJ2dpWHEClzpKJHpzzwWt7g9z/MMQNMsUJLy+okz+De6hdjjmYJ9kG9Sr3H4YKq6itGQMj7L/cH3WS3ynp0uy0oW3hf932vDZKQ8iy9vczXH+ERYl+4TYae1Jp4Hyf4/2IYxEfuhKctvSvqySST3Qk9JNZ71HFGOWhjH/MmoCLoT1v+HkqmHdYf/GMKGRo3gqCEGgCgNErYYIyKm3OF3dHXK+hyGLE/cZNu6fU5woW3rvtUCFt08Ri2pm0cnXXJn9jQIMxfS5Kkf64svwgzKmPqgX1f4flopYPlsBXduCgzbJvj+lpgauAk/i1A5B01CFa9sI4C6pHZmwk1qxRwN+4IXL2CQt+tDgYC84ZDDd8R7cNyL22a3KhMQmdHtvog1beAa3Ab+J+cafkXXN+Es9f1wQjzk7DiHupmJIVofBvPP+cRcB46rwha6ati8Fa5QkT9rXFNqQsKk7jq8TIi54Bm15OOa0jInGG3TM17b9Ftu2WTJSAaqgBnDfZiInK7HEvC6K/IBljrN3oGagmFZPrAvzw7d6C2/nKFAQtfoMcE5oWVDrJyjsmJ8oaru0E8rwj7mMvyKPgEMnXTGXLWDgEo50+i291m4bkCxVwiOPbPRvdMll1Y8qfBAPT76sY4Ikgcw/2iw== openpgp:0xBBE80E50 |