Skip to content

Commit

Permalink
Commenting variables that may affect the ssh access
Browse files Browse the repository at this point in the history
Signed-off-by: Diana-Maria Dumitru <[email protected]>
  • Loading branch information
DianaMariaDDM committed Jan 31, 2024
1 parent 154b65d commit 4cde3d2
Showing 1 changed file with 4 additions and 4 deletions.
8 changes: 4 additions & 4 deletions defaults/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -798,26 +798,26 @@ amzn2023cis_sshd:
# If an USER@HOST format will be used, the specified user will be allowed only on that particular host.
# The allow/deny directives process order: DenyUsers, AllowUsers, DenyGroups, AllowGroups.
# For more info, see https://linux.die.net/man/5/sshd_config
allowusers:
# allowusers:
# This variable, if specified, configures a list of GROUP name patterns, separated by spaces, to allow SSH access
# for users whose primary group or supplementary group list matches one of the patterns. This is done
# by setting the value of `AllowGroups` option in `/etc/ssh/sshd_config` file.
# The allow/deny directives process order: DenyUsers, AllowUsers, DenyGroups, AllowGroups.
# For more info, https://linux.die.net/man/5/sshd_config
allowgroups: systems dba
# allowgroups: systems dba
# This variable, if specified, configures a list of USER name patterns, separated by spaces, to prevent SSH access
# for users whose user name matches one of the patterns. This is done
# by setting the value of `DenyUsers` option in `/etc/ssh/sshd_config` file.
# If an USER@HOST format will be used, the specified user will be restricted only on that particular host.
# The allow/deny directives process order: DenyUsers, AllowUsers, DenyGroups, AllowGroups.
# For more info, see https://linux.die.net/man/5/sshd_config
denyusers:
# denyusers:
# This variable, if specified, configures a list of GROUP name patterns, separated by spaces, to prevent SSH access
# for users whose primary group or supplementary group list matches one of the patterns. This is done
# by setting the value of `DenyGroups` option in `/etc/ssh/sshd_config` file.
# The allow/deny directives process order: DenyUsers, AllowUsers, DenyGroups, AllowGroups.
# For more info, see https://linux.die.net/man/5/sshd_config
denygroups:
# denygroups:

## Control 4.2.5 - Ensure SSH LogLevel is appropriate
# This variable refers to the loglevel used for ssh.
Expand Down

0 comments on commit 4cde3d2

Please sign in to comment.