From 2cb4b23cd59d862c76c5ef4278cc593610baf4f4 Mon Sep 17 00:00:00 2001
From: rubenb <rubenb@verdnatura.es>
Date: Wed, 18 Oct 2023 10:58:22 +0200
Subject: [PATCH] change task sshd_config to no root password

---
 .../roles/config-root-user/tasks/main.yaml    | 34 +++++++++++--------
 .../roles/config-root-user/vars/main.yaml     |  3 +-
 2 files changed, 20 insertions(+), 17 deletions(-)

diff --git a/linux/base-config-debian/roles/config-root-user/tasks/main.yaml b/linux/base-config-debian/roles/config-root-user/tasks/main.yaml
index e024019..d798ea4 100644
--- a/linux/base-config-debian/roles/config-root-user/tasks/main.yaml
+++ b/linux/base-config-debian/roles/config-root-user/tasks/main.yaml
@@ -22,22 +22,26 @@
 #++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 # config sshd_config file , no root password
 - name: change sshd_config to no root password
-  copy:
-    src: "{{ source_path_ssh }}"
-    dest: "{{ dest_path_ssh }}"
-    remote_src: yes
-    owner: root
-    group: root
-    mode: '0644'
-#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
-
-#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+  lineinfile:
+    path: "{{ path_sshd_config_file }}"
+    regexp: "PermitRootLogin yes"
+    line: "#PermitRootLogin prohibit-password"
+    state: present
+#- name: change sshd_config to no root password
+#  copy:
+#    src: "{{ source_path_ssh }}"
+#    dest: "{{ dest_path_ssh }}"
+#    remote_src: yes
+#    owner: root
+#    group: root
+#    mode: '0644'
 # delete file sshd_config.orig
-- name: delete /etc/ssh/sshd_config.orig file
-  file:
-    path: "{{ source_path_ssh }}"
-    state: absent
-  notify: Restart ssh service
+#- name: delete /etc/ssh/sshd_config.orig file
+#  file:
+#    path: "{{ source_path_ssh }}"
+#    state: absent
+#  notify: Restart ssh service
+
 #++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 
 #++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
diff --git a/linux/base-config-debian/roles/config-root-user/vars/main.yaml b/linux/base-config-debian/roles/config-root-user/vars/main.yaml
index 64437b1..fccd459 100644
--- a/linux/base-config-debian/roles/config-root-user/vars/main.yaml
+++ b/linux/base-config-debian/roles/config-root-user/vars/main.yaml
@@ -1,4 +1,3 @@
 ---
-source_path_ssh: /etc/ssh/sshd_config.orig
-dest_path_ssh: /etc/ssh/sshd_config
+path_sshd_config_file: /etc/ssh/sshd_config
 path_bashrc_root: /root/.bashrc
\ No newline at end of file