Remove debug code, reformat
This commit is contained in:
Sven Velt
parent
7de7dfb31f
commit
b75fe6283c
|
|
@ -67,9 +67,6 @@
|
|||
register: ssh_hardening_use_policies
|
||||
|
||||
|
||||
- debug: var=ssh_hardening_use_policies.stat.exists
|
||||
|
||||
|
||||
- name: "The (RedHat) crypto policy way..."
|
||||
include_tasks: restrictions_crypto_policy.yml
|
||||
when: ssh_hardening_use_policies.stat.exists
|
||||
|
|
|
|||
|
|
@ -4,16 +4,20 @@
|
|||
path: "{{ ssh_hardening_moduli_backup }}"
|
||||
register: ssh_hardening_moduli_backup_file
|
||||
|
||||
|
||||
- name: 'Moduli: Backup "moduli.not-hardened"'
|
||||
shell: 'cp -a {{ ssh_hardening_moduli }} {{ ssh_hardening_moduli_backup }}'
|
||||
when: not ssh_hardening_moduli_backup_file.stat.exists
|
||||
|
||||
|
||||
- name: 'Moduli: Check for small Diffie-Hellman moduli'
|
||||
shell: "grep -c ' 1535 \\| 2047 ' /etc/ssh/moduli || true"
|
||||
changed_when: False
|
||||
register: ssh_hardening_moduli_small
|
||||
|
||||
|
||||
- name: 'Moduli: Remove small Diffie-Hellman moduli'
|
||||
shell: "TMPF=$(mktemp) && awk '$5 >= 3071' /etc/ssh/moduli >${TMPF} && mv ${TMPF} /etc/ssh/moduli"
|
||||
when: ssh_hardening_moduli_small.stdout|int > 0
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -4,7 +4,6 @@
|
|||
changed_when: False
|
||||
register: ssh_hardening_includedir
|
||||
|
||||
- debug: var=ssh_hardening_includedir
|
||||
|
||||
- name: Write restrictions to include file
|
||||
template:
|
||||
|
|
|
|||
Loading…
Reference in a new issue