homeserver/playbooks/on-off/delete_ssh.yml

---
- hosts: all
  tasks:
    - name: delete /home/mg/.ssh/authorized_keys
      become: yes
      ansible.builtin.file:
        name: /home/mg/.ssh/authorized_keys
        state: absent
    - name: delete /home/ansible-user/.ssh/authorized_keys
      become: yes
      ansible.builtin.file:
        name: /home/ansible-user/.ssh/authorized_keys
        state: absent
    - name: prohibit ssh login with password
      become: yes
      ansible.builtin.lineinfile:
        path: /etc/ssh/sshd_config
        regexp: 'PasswordAuthentication no'
        line: 'PasswordAuthentication yes'
        state: present
    - name: restart_sshd
      become: yes
      systemd:
        name: sshd
        enabled: yes
        state: restarted
SSH aufgeräumt + neu deployed (#72) * bootstrap rolle bugfix: https://github.com/robertdebock/ansible-role-bootstrap/issues/43 * on-off Playbook - delete_ssh * KeepassDB in git aufgenommen * Variable wird nicht mehr genutzt 2020-11-25 14:34:49 +01:00			`---`
			`- hosts: all`
			`tasks:`
			`- name: delete /home/mg/.ssh/authorized_keys`
			`become: yes`
			`ansible.builtin.file:`
			`name: /home/mg/.ssh/authorized_keys`
			`state: absent`
			`- name: delete /home/ansible-user/.ssh/authorized_keys`
			`become: yes`
			`ansible.builtin.file:`
			`name: /home/ansible-user/.ssh/authorized_keys`
			`state: absent`
			`- name: prohibit ssh login with password`
			`become: yes`
			`ansible.builtin.lineinfile:`
			`path: /etc/ssh/sshd_config`
			`regexp: 'PasswordAuthentication no'`
			`line: 'PasswordAuthentication yes'`
			`state: present`
			`- name: restart_sshd`
			`become: yes`
			`systemd:`
			`name: sshd`
			`enabled: yes`
			`state: restarted`