openstack/openstack-ansible
Code Issues Proposed changes

Use 'PermitRootLogin 'without-password''

Browse Source 
Since https://review.openstack.org/#/c/518013/7 merged we can now set
the value of security_sshd_permit_root_login to be 'without-password',
we should do this in favour of 'yes'.

[hwoarang: This also bumps a-r-r to include the fix in the
ansible-hardening role]

Change-Id: I624d29752fca5a8cbf4cab455f32f0116b99ff82
(cherry picked from commit d78e63a67d)
This commit is contained in:
Andy McCrae 2017-11-14 16:40:14 +00:00 committed by Kevin Carter (cloudnull)
parent 27fa064a0e
commit dcf6443d97
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ansible-role-requirements.yml
View File

@ -1,7 +1,7 @@
- name: ansible-hardening
scm: git
src: https://git.openstack.org/openstack/ansible-hardening
version: d1fb76ee4f6417cf1bb965c26c9f31d7ffb719f2
version: c05e36f48de66feb47046a0126d986fa03313f29
- name: apt_package_pinning
scm: git
src: https://git.openstack.org/openstack/openstack-ansible-apt_package_pinning

2
group_vars/hosts.yml
View File

@ -29,4 +29,4 @@ stig_version: rhel7
security_rhel7_enable_linux_security_module: "{{ ansible_os_family == 'RedHat' | ternary(false, true) }}"
# All our ansible tasks run as root user, we need to allow direct root login
security_sshd_permit_root_login: yes
security_sshd_permit_root_login: 'without-password'