diff options
Diffstat (limited to 'admin/sshd_config.yaml')
-rw-r--r-- | admin/sshd_config.yaml | 30 |
1 files changed, 28 insertions, 2 deletions
diff --git a/admin/sshd_config.yaml b/admin/sshd_config.yaml index aba6a9f1..02f1bcd8 100644 --- a/admin/sshd_config.yaml +++ b/admin/sshd_config.yaml @@ -4,5 +4,31 @@ tasks: - name: ensure SSH login with password is disabled lineinfile: - dest=/etc/ssh/sshd_config - line='PasswordAuthentication no' + dest: /etc/ssh/sshd_config + regexp: "^#?PasswordAuthentication" + line: PasswordAuthentication no + state: present + become: yes + notify: + - restart ssh + + - name: Set authorized key taken from file + ansible.posix.authorized_key: + user: "{{ ansible_ssh_user }}" + state: present + key: "{{ lookup('file', item) }}" + with_items: + - keys/bbrown.pub + - keys/bclough.pub + - keys/dbotting.pub + - keys/dpage.pub + - keys/gperkins.pub + + + + handlers: + - name: restart ssh + service: + name: ssh + state: restarted + become: yes |