roles/common: Adjust allowed user logic for Ubuntu 16.04 sshd_config

2017-01-30 12:54:35 +02:00 · 2017-01-30 12:54:35 +02:00 · 9ca685a6af
commit 9ca685a6af
parent 1641dd9795
1 changed files with 2 additions and 7 deletions
--- a/roles/common/templates/sshd_config_Ubuntu-16.04.j2
+++ b/roles/common/templates/sshd_config_Ubuntu-16.04.j2
@ -92,10 +92,5 @@ Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes256-ctr
 MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512,hmac-sha2-256
 KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256

-{% if ssh_allowed_users is defined and ssh_allowed_users %}
-# Is there a list of allowed users?
-# Is it populated? (An empty list is 'None', which evaluates as False in Python)
-# merge the items of a list into one string using a space as a separator
-# http://jinja.pocoo.org/docs/dev/templates/#join
-AllowUsers {{ ssh_allowed_users|join(" ") }} {{ provisioning_user.name }}
-{% endif %}
+# only allow shell access by provisioning user
+AllowUsers {{ provisioning_user.name }}