X-Git-Url: https://gerrit.fd.io/r/gitweb?p=csit.git;a=blobdiff_plain;f=fdio.infra.ansible%2Froles%2Fuser_add%2Ftasks%2Fmain.yaml;h=e2ef63db483a04e1c6dc753c8068ed614c4e1cdd;hp=f980aff84d8a10732ecb2d0587b15b689b203fca;hb=78a8427cc50c137e5d59ad3448ae128fdda369b2;hpb=df5672b3d9c29b51397f4770eb992c9f3f3955ce

diff --git a/fdio.infra.ansible/roles/user_add/tasks/main.yaml b/fdio.infra.ansible/roles/user_add/tasks/main.yaml
index f980aff84d..e2ef63db48 100644
--- a/fdio.infra.ansible/roles/user_add/tasks/main.yaml
+++ b/fdio.infra.ansible/roles/user_add/tasks/main.yaml
@@ -22,27 +22,16 @@
   with_subelements:
     - "{{ users }}"
     - ssh_key
-    - skip_missing: yes
+    - skip_missing: true
   tags:
     - user-add-conf
 
-- name: Conf - Allow Password Login
+- name: Conf - Disable Password Login
   lineinfile:
     dest: "/etc/ssh/sshd_config"
-    regexp: "^PasswordAuthentication no"
-    line: "PasswordAuthentication yes"
+    regexp: "^PasswordAuthentication yes"
+    line: "PasswordAuthentication no"
   notify:
     - "Restart SSHd"
   tags:
     - user-add-conf
-
-- name: Conf - Add Visudo Entry
-  lineinfile:
-    dest: "/etc/sudoers"
-    state: present
-    line: "{{ item.username }} ALL=(ALL) NOPASSWD: ALL"
-    validate: "visudo -cf %s"
-  with_items: "{{ users }}"
-  tags:
-    - user-add-conf
-