ansible批量禁止root用户登录

以下Ansible-Ploybook功能: 🚫禁止Root用户登录

      ---  lineinfile 模块替换前备份(格式为sshd_config.13019.2020-05-25@17:48:55~

      ---  shell  模块支持正则 查看修改后的内容是否有变化

      ---  systemd  服务模块(restarted  stoped started enable=yes

- hosts: ssh 
  tasks:
    - name: "Replace / etc / SSH / sshd_ Permitrootlogin parameter in config file"
      lineinfile:
        path: /etc/ssh/sshd_config 
        regexp: "^PermitRootLogin"
        line: "PermitRootLogin no"
        backup: yes 
    - name: "View modified content."
      shell: |
        cat /etc/ssh/sshd_config| sed 's#\PermitRootLogin yes#PermitRootLogin no#g'|grep PermitRootLogin
    - name: "Reload SSH profile"
      systemd:
        name: sshd
        state: restarted
      register: out
    - debug: var=out.stdout_lines
    
    
[root@BS003 probject]# ansible-playbook --syntax-check sshd.yaml
[root@BS003 probject]# ansible-playbook  sshd.yaml  
posted @ 2020-06-05 10:08  地铁昌平线  阅读(779)  评论(0编辑  收藏  举报