ansible-lockdown/RHEL9-CIS
3
0
Fork 1
mirror of https://github.com/ansible-lockdown/RHEL9-CIS.git synced 2025-12-27 15:33:06 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

typo and ssh allow_deny comments

Browse source 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
This commit is contained in:
Mark Bolwell 2024-03-06 15:47:43 +00:00
parent 2d9b93d9de
commit c636e774c2
No known key found for this signature in database
GPG key ID: 1DE02A772D0908F9
1 changed files with 6 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

9
defaults/main.yml
View file

@ -1017,13 +1017,15 @@ rhel9cis_sshd:
# If an USER@HOST format will be used, the specified user will be allowed only on that particular host. # If an USER@HOST format will be used, the specified user will be allowed only on that particular host.
# The allow/deny directives process order: DenyUsers, AllowUsers, DenyGroups, AllowGroups. # The allow/deny directives process order: DenyUsers, AllowUsers, DenyGroups, AllowGroups.
# For more info, see https://linux.die.net/man/5/sshd_config # For more info, see https://linux.die.net/man/5/sshd_config
allowusers: "" # allowusers: ""
# (String) This variable, if spcieifed, configures a list of GROUP name patterns, separated by spaces, to allow SSH access
# (String) This variable, if specified, configures a list of GROUP name patterns, separated by spaces, to allow SSH access
# for users whose primary group or supplementary group list matches one of the patterns. This is done # for users whose primary group or supplementary group list matches one of the patterns. This is done
# by setting the value of `AllowGroups` option in `/etc/ssh/sshd_config` file. # by setting the value of `AllowGroups` option in `/etc/ssh/sshd_config` file.
# The allow/deny directives process order: DenyUsers, AllowUsers, DenyGroups, AllowGroups. # The allow/deny directives process order: DenyUsers, AllowUsers, DenyGroups, AllowGroups.
# For more info, https://linux.die.net/man/5/sshd_config # For more info, https://linux.die.net/man/5/sshd_config
allowgroups: "wheel" # allowgroups: "wheel"
# This variable, if specified, configures a list of USER name patterns, separated by spaces, to prevent SSH access # This variable, if specified, configures a list of USER name patterns, separated by spaces, to prevent SSH access
# for users whose user name matches one of the patterns. This is done # for users whose user name matches one of the patterns. This is done
# by setting the value of `DenyUsers` option in `/etc/ssh/sshd_config` file. # by setting the value of `DenyUsers` option in `/etc/ssh/sshd_config` file.
@ -1031,6 +1033,7 @@ rhel9cis_sshd:
# The allow/deny directives process order: DenyUsers, AllowUsers, DenyGroups, AllowGroups. # The allow/deny directives process order: DenyUsers, AllowUsers, DenyGroups, AllowGroups.
# For more info, see https://linux.die.net/man/5/sshd_config # For more info, see https://linux.die.net/man/5/sshd_config
denyusers: "nobody" denyusers: "nobody"
# This variable, if specified, configures a list of GROUP name patterns, separated by spaces, to prevent SSH access # This variable, if specified, configures a list of GROUP name patterns, separated by spaces, to prevent SSH access
# for users whose primary group or supplementary group list matches one of the patterns. This is done # for users whose primary group or supplementary group list matches one of the patterns. This is done
# by setting the value of `DenyGroups` option in `/etc/ssh/sshd_config` file. # by setting the value of `DenyGroups` option in `/etc/ssh/sshd_config` file.