29 lines
No EOL
648 B
YAML
29 lines
No EOL
648 B
YAML
- name: Enable SSH root login in sshd_config
|
|
lineinfile:
|
|
path: /etc/ssh/sshd_config
|
|
regexp: '^#?PermitRootLogin'
|
|
line: 'PermitRootLogin prohibit-password'
|
|
state: present
|
|
notify: restart sshd
|
|
|
|
- name: Set up authorized_keys file for root
|
|
file:
|
|
path: /root/.ssh
|
|
state: directory
|
|
mode: '0700'
|
|
owner: root
|
|
group: root
|
|
|
|
- name: Ensure authorized_keys keys
|
|
copy:
|
|
dest: /root/.ssh/authorized_keys
|
|
content: "{{ vars.ssh_keys | join('\n') }}"
|
|
owner: root
|
|
group: root
|
|
mode: '0600'
|
|
|
|
- name: Ensure sshd service is started and enabled
|
|
systemd:
|
|
name: sshd
|
|
enabled: yes
|
|
state: started |