Configure SSH
This commit is contained in:
parent
16214f4f19
commit
785166368a
5 changed files with 40 additions and 0 deletions
|
@ -2,3 +2,4 @@
|
||||||
- include: debian.yml
|
- include: debian.yml
|
||||||
when: ansible_distribution == 'Debian'
|
when: ansible_distribution == 'Debian'
|
||||||
- include: modules.yml
|
- include: modules.yml
|
||||||
|
- include: ssh.yml
|
||||||
|
|
20
roles/distro/tasks/ssh.yml
Normal file
20
roles/distro/tasks/ssh.yml
Normal file
|
@ -0,0 +1,20 @@
|
||||||
|
---
|
||||||
|
- name: Disable SSH passwords
|
||||||
|
become: true
|
||||||
|
lineinfile:
|
||||||
|
path: /etc/ssh/sshd_config
|
||||||
|
regexp: '^#?\w*PasswordAuthentication (yes|no)'
|
||||||
|
line: 'PasswordAuthentication no'
|
||||||
|
register: changed_ssh_config
|
||||||
|
- name: Enable SSH
|
||||||
|
become: true
|
||||||
|
systemd:
|
||||||
|
name: ssh.service
|
||||||
|
enabled: yes
|
||||||
|
state: started
|
||||||
|
- name: Restart SSH
|
||||||
|
become: true
|
||||||
|
systemd:
|
||||||
|
name: ssh.service
|
||||||
|
state: restarted
|
||||||
|
when: changed_ssh_config.changed == true
|
|
@ -19,3 +19,8 @@
|
||||||
file:
|
file:
|
||||||
path: "{{ ansible_env.HOME }}/.config/autostart"
|
path: "{{ ansible_env.HOME }}/.config/autostart"
|
||||||
state: directory
|
state: directory
|
||||||
|
- name: Create ~/.ssh directory
|
||||||
|
file:
|
||||||
|
path: "{{ ansible_env.HOME }}/.ssh"
|
||||||
|
state: directory
|
||||||
|
mode: '0700'
|
||||||
|
|
|
@ -7,3 +7,4 @@
|
||||||
- include: mate.yml
|
- include: mate.yml
|
||||||
- include: shell.yml
|
- include: shell.yml
|
||||||
- include: vim.yml
|
- include: vim.yml
|
||||||
|
- include: ssh-authorized-keys.yml
|
||||||
|
|
13
roles/home/tasks/ssh-authorized-keys.yml
Normal file
13
roles/home/tasks/ssh-authorized-keys.yml
Normal file
|
@ -0,0 +1,13 @@
|
||||||
|
---
|
||||||
|
- name: Add home key to authorized_keys
|
||||||
|
lineinfile:
|
||||||
|
path: "{{ ansible_env.HOME }}/.ssh/authorized_keys"
|
||||||
|
line: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDUfTUp1m8MUCjj0Vu8E9sVGwvf4FWL4QcaZ6m8gK5+xGZl+w+yAcb1acH/96Y0DaP4ZNDassC5OlE6F1oJ+cIKtTykXBxqlChLRDCdX8JCt3sBaVmEcRJ0v8MMQrqWX2ajAW6fC/zNYJ4qbhTMGLiEUPbYu7gZKn0e+MEPBRrxdXzqVLTBq0RMelGx74UpZUwzwROq+VxLsFrumFZNFNJL+rWEK3XO5SsQkNp5QNYluIr8+WDbVU6V2thgJTcFpWWWYVg/al5iY5/bcnVSpzoab7Xxo98OYzpSrY0g+CqkLQkfRehOUMeEOGQYZxpUaXFhg2jE+Kf7W2gm3CeJWTzP anthony@acperkins.com"
|
||||||
|
create: yes
|
||||||
|
mode: '0600'
|
||||||
|
- name: Add work key to authorized_keys
|
||||||
|
lineinfile:
|
||||||
|
path: "{{ ansible_env.HOME }}/.ssh/authorized_keys"
|
||||||
|
line: "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAjRPqXzNlrmPWGC6yRCnZszewblS6JcQeNBkHuNmWD9WoMFGLvjkl+NGiC01k9su4JMfz6vOvNG1A6J16+uhEz0+Q70Z/kCM91EqYK8iiGA+qfC2y5PMA10BtWInQ9OqPbanv38ZBB7+afOcEbGR3CC56rp/uibwdBo2RpVRjAjZfsC64tZ6Pt8C55rVvBeZwNtXtw9RIwKAJGmlBsZEdIKpTHIf2IDfPWX3OLahcNA5/6aNB65qQV7fqQXEgBSjJmMsdCD8Jy5O+f7rzC+kFxozB/36mV1pBgZhT/iTK9fFJip0vyFFjk4CPRRbrnnJUBod/aGfWAP876b/0DXviWQ== anthony.perkins@mkcollege.ac.uk"
|
||||||
|
create: yes
|
||||||
|
mode: '0600'
|
Loading…
Reference in a new issue