roles/common: Adjust allowed user logic for Ubuntu 16.04 sshd_config
This commit is contained in:
parent
1641dd9795
commit
9ca685a6af
@ -92,10 +92,5 @@ Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes256-ctr
|
|||||||
MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512,hmac-sha2-256
|
MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512,hmac-sha2-256
|
||||||
KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256
|
KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256
|
||||||
|
|
||||||
{% if ssh_allowed_users is defined and ssh_allowed_users %}
|
# only allow shell access by provisioning user
|
||||||
# Is there a list of allowed users?
|
AllowUsers {{ provisioning_user.name }}
|
||||||
# Is it populated? (An empty list is 'None', which evaluates as False in Python)
|
|
||||||
# merge the items of a list into one string using a space as a separator
|
|
||||||
# http://jinja.pocoo.org/docs/dev/templates/#join
|
|
||||||
AllowUsers {{ ssh_allowed_users|join(" ") }} {{ provisioning_user.name }}
|
|
||||||
{% endif %}
|
|
||||||
|
Loading…
Reference in New Issue
Block a user