Commit bfb58956 authored by Felix Delattre's avatar Felix Delattre
Browse files

Merge branch 'feature/authorized-key' into 'master'

Updated way of placing authorized key

See merge request !1
parents 6727e1e4 6b85bfbc
---
- name: Install tools for remote access
- name: Install tools for remote access.
apt:
name: openssh-server
- name: Check if ssh_login group exists
- name: Check if ssh_login group exists.
group:
name: "{{ secure_ssh_group }}"
state: present
register: logingroup
check_mode: yes # do not create group
- name: Adding existing user to group ssh_login
- name: Adding existing user to group ssh_login.
user: name=user
groups={{ secure_ssh_group }}
append=yes
- name: Make sure that the .ssh directory exsists
file:
path: "/home/user/.ssh"
state: directory
mode: 0755
- name: Download authorized_keys file
get_url:
url: "{{ ssh_authorized_keys }}"
dest: "/home/user/.ssh/authorized_keys"
owner: user
group: user
mode: 0644
- name: Ensure authorized key is in place.
authorized_key:
user: user
state: present
key: "{{ ssh_authorized_keys }}"
# At this point, at least one user must be present which is member
# of ssh_login, otherwise we will lock ourselves out of the system!
......@@ -36,7 +28,7 @@
msg: "{{ secure_ssh_group }} must exist, you will lock yourself out of the system!"
when: logingroup.changed
- name: Secured ssh configuration (disallows password login!)
- name: Secured ssh configuration (disallows password login!).
template:
src: "sshd_config.j2"
dest: "/etc/ssh/sshd_config"
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment