system/tasks/ssh.yml

- name: Ensure SSH instalation
  become: true
  ansible.builtin.package:
    name: '{{ system_ssh_package }}'
    state: present


- name: Ensure key directory exist
  become: true
  ansible.builtin.file:
    state: directory
    path: '{{ item.keyfile | dirname }}'
    owner: '{{ item.user }}'
    mode: 0700
  with_items: '{{ privatekeytodeploy }}'

- name: Install ssh private key
  become: true
  ansible.builtin.copy:
    content: '{{ item.privatekey }}'
    dest: '{{ item.keyfile }}'
    mode: 0600
    owner: '{{ item.user }}'
  with_items: '{{ privatekeytodeploy }}'


- name: Les connexions par mot de passe sont désactivées
  become: true
  ansible.builtin.lineinfile:
    dest: /etc/ssh/sshd_config
    regexp: '^#?PasswordAuthentication'
    line: 'PasswordAuthentication no'
    state: present
  notify: Restart sshd

- name: Remove root SSH access
  become: true
  ansible.builtin.lineinfile:
    dest: /etc/ssh/sshd_config
    regexp: '^PermitRootLogin'
    line: 'PermitRootLogin no'
    state: present
  notify: Restart sshd
style: correct ansible lint 2022-12-10 17:51:03 +00:00			`- name: Ensure SSH instalation`
custom SSH install 2022-10-23 13:28:33 +00:00			`become: true`
style: correct ansible lint 2022-12-10 17:51:03 +00:00			`ansible.builtin.package:`
			`name: '{{ system_ssh_package }}'`
custom SSH install 2022-10-23 13:28:33 +00:00			`state: present`
add .ssh check 2022-11-06 18:10:26 +00:00
resolve conflict 2021-07-10 12:41:35 +00:00
style: correct ansible lint 2022-12-10 17:51:03 +00:00			`- name: Ensure key directory exist`
fix issue with .ssh directory not existing 2021-07-10 12:40:17 +00:00			`become: true`
style: correct ansible lint 2022-12-10 17:51:03 +00:00			`ansible.builtin.file:`
fix issue with .ssh directory not existing 2021-07-10 12:40:17 +00:00			`state: directory`
style: correct ansible lint 2022-12-10 17:51:03 +00:00			`path: '{{ item.keyfile \| dirname }}'`
			`owner: '{{ item.user }}'`
resolve conflict 2021-07-10 12:41:35 +00:00			`mode: 0700`
style: correct ansible lint 2022-12-10 17:51:03 +00:00			`with_items: '{{ privatekeytodeploy }}'`
improve ssh key managemnt 2020-03-01 20:06:02 +00:00
modify ssh key management 2021-04-20 08:18:56 +00:00			`- name: Install ssh private key`
linting 2022-02-13 08:40:15 +00:00			`become: true`
style: correct ansible lint 2022-12-10 17:51:03 +00:00			`ansible.builtin.copy:`
			`content: '{{ item.privatekey }}'`
			`dest: '{{ item.keyfile }}'`
modify ssh key management 2021-04-20 08:18:56 +00:00			`mode: 0600`
style: correct ansible lint 2022-12-10 17:51:03 +00:00			`owner: '{{ item.user }}'`
			`with_items: '{{ privatekeytodeploy }}'`
improve ssh key managemnt 2020-03-01 20:06:02 +00:00
migrate ssh config in system 2020-03-02 20:19:09 +00:00
style: correct ansible lint 2022-12-10 17:51:03 +00:00			`- name: Les connexions par mot de passe sont désactivées`
linting 2022-02-13 08:40:15 +00:00			`become: true`
style: correct ansible lint 2022-12-10 17:51:03 +00:00			`ansible.builtin.lineinfile:`
fix issue with .ssh directory not existing 2021-07-10 12:40:17 +00:00			`dest: /etc/ssh/sshd_config`
style: correct ansible lint 2022-12-10 17:51:03 +00:00			`regexp: '^#?PasswordAuthentication'`
			`line: 'PasswordAuthentication no'`
migrate ssh config in system 2020-03-02 20:19:09 +00:00			`state: present`
			`notify: Restart sshd`

			`- name: Remove root SSH access`
linting 2022-02-13 08:40:15 +00:00			`become: true`
style: correct ansible lint 2022-12-10 17:51:03 +00:00			`ansible.builtin.lineinfile:`
fix issue with .ssh directory not existing 2021-07-10 12:40:17 +00:00			`dest: /etc/ssh/sshd_config`
style: correct ansible lint 2022-12-10 17:51:03 +00:00			`regexp: '^PermitRootLogin'`
			`line: 'PermitRootLogin no'`
migrate ssh config in system 2020-03-02 20:19:09 +00:00			`state: present`
			`notify: Restart sshd`