testing adding sshd configs
| | |
|---|
| | | }, |
|---|
| | | "InstanceType": "{{bastion_instance_type}}", |
|---|
| | | "KeyName": "{{key_name}}", |
|---|
| | | "UserData" : { "Fn::Base64" : { "Fn::Join" : ["", [ |
|---|
| | | "sed -i "2i ldap_group_nesting_level=0" /etc/sssd/sssd.conf \n", |
|---|
| | | "systemctl restart sssd \n", |
|---|
| | | "echo "PermitRootLogin without-password" >> /etc/ssh/sshd_config \n", |
|---|
| | | "sed -i "s/^PasswordAuthentication yes/PasswordAuthentication no/" /etc/ssh/sshd_config \n", |
|---|
| | | "sed -i "s/^ChallengeResponseAuthentication yes/ChallengeResponseAuthentication no/" /etc/ssh/sshd_config \n", |
|---|
| | | "systemctl restart sshd \n" |
|---|
| | | ]]}}, |
|---|
| | | "SecurityGroupIds": [ |
|---|
| | | { |
|---|
| | | "Fn::GetAtt": [ |
|---|
