4.2.16: Correct variable name and required max value (#67)

Signed-off-by: Tom Henderson <[email protected]>
ansible-lockdown · Mar 27, 2024 · 3a1efa0 · 3a1efa0
1 parent b52bde5
commit 3a1efa0
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 3 deletions.
diff --git a/defaults/main.yml b/defaults/main.yml
@@ -860,8 +860,8 @@ amzn2023cis_ssh_loglevel: INFO
 
 ## Control 4.2.16 - Ensure SSH MaxAuthTries is set to 4 or less
 # This variable contains the maximum number of authentication attempts permitted
-# per connection. This number should be 10 or less.
-amzn2023cis_ssh_maxsauthtries: 4
+# per connection. This number should be 4 or less.
+amzn2023cis_ssh_maxauthtries: 4
 
 ## Control 4.2.18 - Ensure SSH MaxSessions is set to 10 or less
 # This variable contains the maximum number of open sessions permitted

diff --git a/tasks/section_4/cis_4.2.x.yml b/tasks/section_4/cis_4.2.x.yml
@@ -353,7 +353,7 @@
   ansible.builtin.lineinfile:
       path: "{{ item.path }}"
       regexp: '^(#)?MaxAuthTries \d'
-      line: 'MaxAuthTries {{ amzn2023cis_ssh_maxsauthtries }}'
+      line: 'MaxAuthTries {{ amzn2023cis_ssh_maxauthtries }}'
       validate: sshd -t -f %s
   with_items:
       - "{{ sshd_d_conf_files.files }}"