change task sshd_config to no root password

linux/base-config-debian/roles/config-root-user/tasks/main.yaml

@@ -22,22 +22,26 @@
 #++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 # config sshd_config file , no root password
 - name: change sshd_config to no root password
-  copy:
-    src: "{{ source_path_ssh }}"
-    dest: "{{ dest_path_ssh }}"
-    remote_src: yes
-    owner: root
-    group: root
-    mode: '0644'
-#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
-
-#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+  lineinfile:
+    path: "{{ path_sshd_config_file }}"
+    regexp: "PermitRootLogin yes"
+    line: "#PermitRootLogin prohibit-password"
+    state: present
+#- name: change sshd_config to no root password
+#  copy:
+#    src: "{{ source_path_ssh }}"
+#    dest: "{{ dest_path_ssh }}"
+#    remote_src: yes
+#    owner: root
+#    group: root
+#    mode: '0644'
 # delete file sshd_config.orig
-- name: delete /etc/ssh/sshd_config.orig file
-  file:
-    path: "{{ source_path_ssh }}"
-    state: absent
-  notify: Restart ssh service
+#- name: delete /etc/ssh/sshd_config.orig file
+#  file:
+#    path: "{{ source_path_ssh }}"
+#    state: absent
+#  notify: Restart ssh service
+
 #++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 
 #++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

linux/base-config-debian/roles/config-root-user/vars/main.yaml

@@ -1,4 +1,3 @@
 ---
-source_path_ssh: /etc/ssh/sshd_config.orig
-dest_path_ssh: /etc/ssh/sshd_config
+path_sshd_config_file: /etc/ssh/sshd_config
 path_bashrc_root: /root/.bashrc