Use ansible version compare module

neophy7e · BentoumiTech · commit 7685b8fe5499 · 2018-11-06T23:00:20.000+01:00
Signed-off-by: neophy7e &lt;kbentoumi@gmail.com&gt;
Signed-off-by: neophy7e &lt;&gt;
Signed-off-by: neophy7e &lt;kbentoumi@gmail.com&gt;
diff --git a/templates/openssh.conf.j2 b/templates/openssh.conf.j2
@@ -82,7 +82,7 @@ ForwardX11 no
 
 # Never use host-based authentication. It can be exploited.
 HostbasedAuthentication no
-{% if sshd_version.stdout | float < 7.4 -%}
+{% if sshd_version.stdout is version('7.4', '<=') %}
 RhostsRSAAuthentication no
 # Enable RSA authentication via identity files.
 RSAAuthentication yes
@@ -111,7 +111,7 @@ Compression yes
 #EscapeChar ~
 #VisualHostKey yes
 
-{% if sshd_version.stdout | float <= 7.1 -%}
+{% if sshd_version.stdout is version('7.1', '<=') %}
 # Disable experimental client roaming. This is known to cause potential issues with secrets being disclosed to malicious servers and defaults to being disabled.
 UseRoaming {{ 'yes' if ssh_client_roaming else 'no' }}
 {% endif %}
diff --git a/templates/opensshd.conf.j2 b/templates/opensshd.conf.j2
@@ -75,7 +75,7 @@ LogLevel VERBOSE
 # --------------
 
 # Secure Login directives.
-{% if sshd_version.stdout | float  < 7.5 -%}
+{% if sshd_version.stdout is version('7.5', '<') %}
 UsePrivilegeSeparation {% if (ansible_distribution == 'Debian' and ansible_distribution_major_version <= '6') or (ansible_os_family in ['Oracle Linux', 'RedHat'] and ansible_distribution_major_version <= '6') -%}{{ssh_ps53}}{% else %}{{ssh_ps59}}{% endif %}
 {% endif %}
 
