Ansible_workstation/tasks/ssh.yml

---
# - name: ssh -- Copy sshd_config
#   template:
#     src: files/sshd_config
#     dest: /etc/ssh/sshd_config

- name: ssh -- Disable empty password login
  lineinfile: 
    dest: /etc/ssh/sshd_config
    regexp: "^#?PermitEmptyPasswords"
    line: "PermitEmptyPasswords no"
    backrefs: yes
  tags:
    - first_deployement

- name: ssh -- Disable remote root login
  lineinfile: 
    dest: /etc/ssh/sshd_config 
    regexp: "^#?PermitRootLogin" 
    line: "PermitRootLogin no"
    backrefs: yes
  tags:
    - first_deployement

- name: ssh -- Disable password login
  lineinfile: 
    dest: /etc/ssh/sshd_config
    regexp: "^#?PasswordAuthentication" 
    line: "PasswordAuthentication no"
    backrefs: yes
  when: add_identity_key is succeeded and not add_identity_key is skipped
  notify: restart sshd
  tags:
    - first_deployement

- name: ssh -- Enable SSH daemon (not Debian)
  service: 
    name: sshd
    state: started
    enabled: yes
  tags:
    - first_deployement
  when: ansible_distribution != 'Debian'

- name: ssh -- Enable SSH daemon (Debian)
  service: 
    name: ssh
    state: started
    enabled: yes
  when: ansible_distribution == 'Debian'
Start configure sshd 2018-08-24 08:00:59 +00:00			`---`
Fix: role name 2020-03-17 04:44:48 +00:00			`# - name: ssh -- Copy sshd_config`
Still play with vars precedence and try backrefs for lineinfile 2018-08-24 09:22:07 +00:00			`# template:`
			`# src: files/sshd_config`
			`# dest: /etc/ssh/sshd_config`
editing sshd and add public keys 2018-08-24 09:00:52 +00:00
Fix: role name 2020-03-17 04:44:48 +00:00			`- name: ssh -- Disable empty password login`
editing sshd and add public keys 2018-08-24 09:00:52 +00:00			`lineinfile:`
			`dest: /etc/ssh/sshd_config`
			`regexp: "^#?PermitEmptyPasswords"`
			`line: "PermitEmptyPasswords no"`
Still play with vars precedence and try backrefs for lineinfile 2018-08-24 09:22:07 +00:00			`backrefs: yes`
Feat(choux): add first_deployement tag 2018-11-07 09:57:55 +00:00			`tags:`
			`- first_deployement`
editing sshd and add public keys 2018-08-24 09:00:52 +00:00
Fix: role name 2020-03-17 04:44:48 +00:00			`- name: ssh -- Disable remote root login`
editing sshd and add public keys 2018-08-24 09:00:52 +00:00			`lineinfile:`
			`dest: /etc/ssh/sshd_config`
			`regexp: "^#?PermitRootLogin"`
			`line: "PermitRootLogin no"`
Still play with vars precedence and try backrefs for lineinfile 2018-08-24 09:22:07 +00:00			`backrefs: yes`
Feat(choux): add first_deployement tag 2018-11-07 09:57:55 +00:00			`tags:`
			`- first_deployement`
editing sshd and add public keys 2018-08-24 09:00:52 +00:00
Fix: role name 2020-03-17 04:44:48 +00:00			`- name: ssh -- Disable password login`
editing sshd and add public keys 2018-08-24 09:00:52 +00:00			`lineinfile:`
			`dest: /etc/ssh/sshd_config`
			`regexp: "^#?PasswordAuthentication"`
			`line: "PasswordAuthentication no"`
Still play with vars precedence and try backrefs for lineinfile 2018-08-24 09:22:07 +00:00			`backrefs: yes`
nop.. try succeeded 2018-08-25 13:15:17 +00:00			`when: add_identity_key is succeeded and not add_identity_key is skipped`
Config sshd 2018-08-24 08:13:15 +00:00			`notify: restart sshd`
Feat(choux): add first_deployement tag 2018-11-07 09:57:55 +00:00			`tags:`
			`- first_deployement`
Config sshd 2018-08-24 08:13:15 +00:00
Fix: role name 2020-03-17 04:44:48 +00:00			`- name: ssh -- Enable SSH daemon (not Debian)`
Config sshd 2018-08-24 08:13:15 +00:00			`service:`
			`name: sshd`
			`state: started`
			`enabled: yes`
Feat(choux): add first_deployement tag 2018-11-07 09:57:55 +00:00			`tags:`
			`- first_deployement`
feat(ssh): ssh daemon name 2019-02-06 19:18:37 +00:00			`when: ansible_distribution != 'Debian'`
Add sshd handlers 2018-08-24 08:17:21 +00:00
Fix: role name 2020-03-17 04:44:48 +00:00			`- name: ssh -- Enable SSH daemon (Debian)`
feat(ssh): ssh daemon name 2019-02-06 19:18:37 +00:00			`service:`
			`name: ssh`
			`state: started`
			`enabled: yes`
			`when: ansible_distribution == 'Debian'`