30 lines
763 B
YAML
30 lines
763 B
YAML
- name: Generate a new SSH key pair
|
|
openssh_keypair:
|
|
path: /etc/ssh/ssh_host_rsa_key
|
|
type: rsa
|
|
size: 4096
|
|
register: new_pair
|
|
- name: Configure sshd_config settings
|
|
copy:
|
|
dest: /etc/ssh/sshd_config.d/custom.conf
|
|
content: |
|
|
# Do not edit this file! Ansible will overwrite it.
|
|
|
|
ListenAddress 0.0.0.0
|
|
SyslogFacility AUTH
|
|
permitRootLogin yes
|
|
owner: root
|
|
group: root
|
|
mode: '0644'
|
|
- name: Delete old host SSH keys
|
|
file:
|
|
path: "{{ item }}"
|
|
state: absent
|
|
with_items:
|
|
- /etc/ssh/ssh_host_ecdsa_key
|
|
- /etc/ssh/ssh_host_ecdsa_key.pub
|
|
- /etc/ssh/ssh_host_ed25519_key
|
|
- /etc/ssh/ssh_host_ed25519_key.pub
|
|
when: new_pair is succeeded
|
|
notify: restart sshd
|