4405271e69
This patch is a follow-on docs patch for the sshd configuration work. Implements: blueprint security-rhel7-stig Change-Id: Ie140302bd0a20282f2f08a1296e04217e52da114
551 B
551 B
---id: RHEL-07-040310 status: implemented tag: sshd ---
The PermitRootLogin configuration is set to
no in /etc/ssh/sshd_config and sshd is
restarted.
Deployers can opt out of this change by setting the following Ansible variable:
security_sshd_permit_root_login: noWarning
Ensure that a regular user account exists with a pathway to root
access (preferably via sudo) before applying the security
role. This configuration change disallows any direct logins with the
root user.