Configure SSH

This commit is contained in:
Anthony Rose 2019-10-05 20:33:23 +01:00
parent 16214f4f19
commit 785166368a
5 changed files with 40 additions and 0 deletions

View file

@ -2,3 +2,4 @@
- include: debian.yml - include: debian.yml
when: ansible_distribution == 'Debian' when: ansible_distribution == 'Debian'
- include: modules.yml - include: modules.yml
- include: ssh.yml

View file

@ -0,0 +1,20 @@
---
- name: Disable SSH passwords
become: true
lineinfile:
path: /etc/ssh/sshd_config
regexp: '^#?\w*PasswordAuthentication (yes|no)'
line: 'PasswordAuthentication no'
register: changed_ssh_config
- name: Enable SSH
become: true
systemd:
name: ssh.service
enabled: yes
state: started
- name: Restart SSH
become: true
systemd:
name: ssh.service
state: restarted
when: changed_ssh_config.changed == true

View file

@ -19,3 +19,8 @@
file: file:
path: "{{ ansible_env.HOME }}/.config/autostart" path: "{{ ansible_env.HOME }}/.config/autostart"
state: directory state: directory
- name: Create ~/.ssh directory
file:
path: "{{ ansible_env.HOME }}/.ssh"
state: directory
mode: '0700'

View file

@ -7,3 +7,4 @@
- include: mate.yml - include: mate.yml
- include: shell.yml - include: shell.yml
- include: vim.yml - include: vim.yml
- include: ssh-authorized-keys.yml

View file

@ -0,0 +1,13 @@
---
- name: Add home key to authorized_keys
lineinfile:
path: "{{ ansible_env.HOME }}/.ssh/authorized_keys"
line: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDUfTUp1m8MUCjj0Vu8E9sVGwvf4FWL4QcaZ6m8gK5+xGZl+w+yAcb1acH/96Y0DaP4ZNDassC5OlE6F1oJ+cIKtTykXBxqlChLRDCdX8JCt3sBaVmEcRJ0v8MMQrqWX2ajAW6fC/zNYJ4qbhTMGLiEUPbYu7gZKn0e+MEPBRrxdXzqVLTBq0RMelGx74UpZUwzwROq+VxLsFrumFZNFNJL+rWEK3XO5SsQkNp5QNYluIr8+WDbVU6V2thgJTcFpWWWYVg/al5iY5/bcnVSpzoab7Xxo98OYzpSrY0g+CqkLQkfRehOUMeEOGQYZxpUaXFhg2jE+Kf7W2gm3CeJWTzP anthony@acperkins.com"
create: yes
mode: '0600'
- name: Add work key to authorized_keys
lineinfile:
path: "{{ ansible_env.HOME }}/.ssh/authorized_keys"
line: "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAjRPqXzNlrmPWGC6yRCnZszewblS6JcQeNBkHuNmWD9WoMFGLvjkl+NGiC01k9su4JMfz6vOvNG1A6J16+uhEz0+Q70Z/kCM91EqYK8iiGA+qfC2y5PMA10BtWInQ9OqPbanv38ZBB7+afOcEbGR3CC56rp/uibwdBo2RpVRjAjZfsC64tZ6Pt8C55rVvBeZwNtXtw9RIwKAJGmlBsZEdIKpTHIf2IDfPWX3OLahcNA5/6aNB65qQV7fqQXEgBSjJmMsdCD8Jy5O+f7rzC+kFxozB/36mV1pBgZhT/iTK9fFJip0vyFFjk4CPRRbrnnJUBod/aGfWAP876b/0DXviWQ== anthony.perkins@mkcollege.ac.uk"
create: yes
mode: '0600'