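---
# Replace root's authorized SSH keys with the entries in `ssh_keys` and
# restrict root SSH login to non-password (key-based) authentication.
#
# Inputs:
#   ssh_keys - non-empty list; each item is passed unchanged to the
#              authorized_key module's `key` option.
- name: Reconfigure old ssh to new config
  hosts: all
  remote_user: root

  handlers:
    - name: restart ssh
      systemd:
        name: sshd
        state: restarted

  tasks:
    # The play empties authorized_keys before importing. Without this guard,
    # an undefined or empty `ssh_keys` would leave root with no keys at all
    # while password login for root is also being disabled.
    - name: Refuse to purge keys when no replacement keys are supplied
      assert:
        that:
          - ssh_keys is defined
          - ssh_keys | length > 0
        msg: "ssh_keys must be a non-empty list; refusing to empty authorized_keys"

    - name: Ensure root ssh directory exists
      file:
        path: /root/.ssh
        state: directory
        owner: root
        group: root
        mode: '0700'

    # Creates the file if missing and truncates it otherwise, using a module
    # instead of a shell redirect so ownership and mode are enforced in the
    # same step.
    # NOTE(review): purge-then-import is not atomic. If the import task below
    # fails, the host keeps an empty authorized_keys. When every entry in
    # ssh_keys is a literal public key, a single authorized_key call with
    # `exclusive: true` and all keys newline-joined in `key` avoids that gap.
    - name: Purge old authorized_keys file
      copy:
        content: ''
        dest: /root/.ssh/authorized_keys
        owner: root
        group: root
        mode: '0600'

    - name: Import new SSH keys
      authorized_key:
        user: root
        key: "{{ item }}"
        state: present
      loop: "{{ ssh_keys }}"

    # `prohibit-password` keeps root login available for public-key auth
    # while rejecting password and keyboard-interactive logins for root.
    # `validate` runs sshd's config test on the candidate file, so a config
    # that does not parse is never written and the restart is never notified.
    # NOTE(review): the regexp does not match a commented-out
    # `#PermitRootLogin` line; with no match the line is appended at end of
    # file, which falls inside a trailing `Match` block if one exists.
    # Confirm the layout of sshd_config on the target hosts.
    - name: Enable Root Login
      lineinfile:
        path: /etc/ssh/sshd_config
        regexp: '^PermitRootLogin'
        line: 'PermitRootLogin prohibit-password'
        state: present
        validate: '/usr/sbin/sshd -t -f %s'
      notify:
        - restart ssh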