# Creates the RSA host key that sshd reads from /etc/ssh. The task result is
# registered as `new_pair`; a later task on this page uses it to decide
# whether the other host key types are removed.
# NOTE(review): with the module's default settings an existing key at this
# path that already matches type and size is presumably kept rather than
# regenerated, so the key may not actually be "new" on a re-run -- confirm
# against the installed module version.
- name: Generate a new SSH key pair
  register: new_pair
  openssh_keypair:
    type: rsa
    size: 4096
    path: '/etc/ssh/ssh_host_rsa_key'
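# Uncomments the stock ListenAddress and SyslogFacility lines in sshd_config.
# ListenAddress 0.0.0.0 makes sshd listen on every IPv4 interface; limit
# reachability with a firewall or a specific address if that is broader than
# intended.
# When the commented default is missing and the target line is not already
# present, lineinfile appends it at end of file, where it can land inside a
# trailing Match block. `validate` makes the task fail instead of installing
# a configuration sshd cannot parse.
# NOTE(review): no handler is notified here, so a running sshd presumably
# keeps its old settings until it is reloaded elsewhere -- confirm.
- name: Configure sshd_config settings
  lineinfile:
    path: /etc/ssh/sshd_config
    regexp: "{{ item.regexp }}"
    line: "{{ item.line }}"
    # Adjust the binary path if sshd is installed elsewhere on the target.
    validate: '/usr/sbin/sshd -t -f %s'
  loop:
    # Dots are escaped so the pattern matches only the literal address.
    - regexp: '^#ListenAddress 0\.0\.0\.0'
      line: 'ListenAddress 0.0.0.0'
    - regexp: '^#SyslogFacility AUTH'
      line: 'SyslogFacility AUTH'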
# Removes the ECDSA and Ed25519 host keys, private and public halves.
# `new_pair is succeeded` is also true when the keypair task reported no
# change, so this guard only skips the deletion if that task did not succeed.
# NOTE(review): of the host key paths shown on this page, only the RSA key
# remains afterwards. Clients that pinned the ECDSA or Ed25519 key in
# known_hosts may get a host-key warning, and Ed25519 is widely preferred
# over RSA -- confirm that an RSA-only host is the intended policy.
- name: Delete old host SSH keys
  when: new_pair is succeeded
  file:
    state: absent
    path: "{{ item }}"
  loop:
    - /etc/ssh/ssh_host_ecdsa_key
    - /etc/ssh/ssh_host_ecdsa_key.pub
    - /etc/ssh/ssh_host_ed25519_key
    - /etc/ssh/ssh_host_ed25519_key.pub