ansible-common/tasks/ssh.yml

- name: Enable SSH root login in sshd_config
  lineinfile:
    path: /etc/ssh/sshd_config
    regexp: '^#?PermitRootLogin'
    line: 'PermitRootLogin prohibit-password'
    state: present
  notify: restart sshd

- name: Set up authorized_keys file for root
  file:
    path: /root/.ssh
    state: directory
    mode: '0700'
    owner: root
    group: root

- name: Ensure authorized_keys keys
  copy:
    dest: /root/.ssh/authorized_keys
    content: "{{ vars.ssh_keys | join('\n') }}"
    owner: root
    group: root
    mode: '0600'

- name: Ensure sshd service is started and enabled
  systemd:
    name: sshd
    enabled: yes
    state: started
Create basic repo Signed-off-by: Frank Villaro-Dixon <frank@villaro-dixon.eu> 2024-10-04 16:52:39 +00:00			`- name: Enable SSH root login in sshd_config`
			`lineinfile:`
			`path: /etc/ssh/sshd_config`
			`regexp: '^#?PermitRootLogin'`
			`line: 'PermitRootLogin prohibit-password'`
			`state: present`
			`notify: restart sshd`

			`- name: Set up authorized_keys file for root`
			`file:`
			`path: /root/.ssh`
			`state: directory`
			`mode: '0700'`
			`owner: root`
			`group: root`

			`- name: Ensure authorized_keys keys`
			`copy:`
			`dest: /root/.ssh/authorized_keys`
			`content: "{{ vars.ssh_keys \| join('\n') }}"`
			`owner: root`
			`group: root`
			`mode: '0600'`

			`- name: Ensure sshd service is started and enabled`
			`systemd:`
			`name: sshd`
			`enabled: yes`
			`state: started`