diff options
| author | Halfwalker <deano-gitea@areyes.com> | 2024-12-23 08:03:18 -0700 |
|---|---|---|
| committer | Nicholas Johnson <mail@nicholasjohnson.ch> | 2025-01-29 00:00:00 +0000 |
| commit | d34a33b99625daf0cd71957d3b1f2cd4d981c459a871df197bda05e540c1337d (patch) | |
| tree | ce24108550e960fa76752f6524f7af7b61403f3ca5872fb5cce652485f112927 /defaults/main.yml | |
| parent | 07bee9d586d26386e74b880b703854eca6ea56078834900a8d03dbfd3840d623 (diff) | |
| download | ansible-role-google-authenticator-d34a33b99625daf0cd71957d3b1f2cd4d981c459a871df197bda05e540c1337d.tar.gz ansible-role-google-authenticator-d34a33b99625daf0cd71957d3b1f2cd4d981c459a871df197bda05e540c1337d.zip | |
Improve wording about nullok parameter
Diffstat (limited to 'defaults/main.yml')
| -rw-r--r-- | defaults/main.yml | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/defaults/main.yml b/defaults/main.yml index 964d155..0eb2f7a 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -3,9 +3,10 @@ # User can be overridden by a vault variable or from hosts file entry or ansible cmdline username: "{{ vault_username | default(ansible_user_id) }}" -# Set the nullok parameter for pam_google_authenticator.so in /etc/pam.d/sshd -# When set, this allows password logins if no ~/.google_authenticator exists -# If not set, then can NOT login until ~/.google_authenticator is created +# This enables/disables adding the nullok parameter to the pam_google_authenticator.so +# line in /etc/pam.d/sshd +# When enabled, nullok allows password logins even if no ~/.google_authenticator exists +# If false (no 'nullok' param), then users can NOT login until their ~/.google_authenticator is created google_auth_nullok: false # Use google authenticator config from vault if it's there |