Merge pull request #142 from bykvaadm/fix_5.1.x

uk-bolly · web-flow · commit 98c068178b62 · 2026-02-23T13:33:25.000Z
[5.1.x] fix ssh keys permissions
diff --git a/tasks/section_5/cis_5.1.x.yml b/tasks/section_5/cis_5.1.x.yml
@@ -56,7 +56,7 @@
         path: "{{ item.path }}"
         owner: root
         group: root
-        mode: 'o-x,go-rwx'
+        mode: 'u-x,go-rwx'
       with_items:
         - "{{ discovered_ssh_host_priv_keys.files }}"
       loop_control:
@@ -84,7 +84,7 @@
         path: "{{ item.path }}"
         owner: root
         group: root
-        mode: 'go-wx'
+        mode: 'u-x,go-wx'
       with_items:
         - "{{ discovered_ssh_host_pub_keys.files }}"
       loop_control:
