ansible-lockdown/RHEL9-CIS
3
0
Fork 1
mirror of https://github.com/ansible-lockdown/RHEL9-CIS.git synced 2025-12-27 15:33:06 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Add SSH Variables the proper way, condition entries correct.

Browse source 
Signed-off-by: root@DERVISHx <nuno.carvalho@siemens.com>
This commit is contained in:
root@DERVISHx 2023-10-17 14:17:00 +01:00
parent 5ab4a1c0ed
commit e4e0b9d0a3
No known key found for this signature in database
GPG key ID: C68B144D8E6CCC46
2 changed files with 2 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

2
tasks/section_5/cis_5.2.x.yml
View file

@ -278,7 +278,7 @@
- name: "5.2.15 | PATCH | Ensure SSH warning banner is configured" - name: "5.2.15 | PATCH | Ensure SSH warning banner is configured"
ansible.builtin.lineinfile: ansible.builtin.lineinfile:
path: "{{ rhel9_cis_sshd_config_file }}" path: "{{ rhel9_cis_sshd_config_file }}"
regexp: '^Banner' regexp: '^#Banner|^Banner'
line: 'Banner /etc/issue.net' line: 'Banner /etc/issue.net'
when: when:
- rhel9cis_rule_5_2_15 - rhel9cis_rule_5_2_15

2
vars/RedHat.yml
View file

@ -9,6 +9,6 @@ rhel9cis_sshd:
clientaliveinterval: 900 clientaliveinterval: 900
logingracetime: 60 logingracetime: 60
# allowusers: # allowusers:
allowgroups: root sshd wheel allowgroups: sshd wheel
# denyusers: # denyusers:
# denygroups: # denygroups: