From 84667fd186fc2fe72d44afd1a595112b5adf54db Mon Sep 17 00:00:00 2001
From: Christian Pointner <equinox@spreadspace.org>
Date: Sun, 10 Dec 2017 03:10:30 +0100
Subject: initial config for thetys

---
 roles/sshserver/tasks/main.yaml | 12 ++++++++++++
 1 file changed, 12 insertions(+)

(limited to 'roles/sshserver')

diff --git a/roles/sshserver/tasks/main.yaml b/roles/sshserver/tasks/main.yaml
index d2c5c9f0..fd92f12d 100644
--- a/roles/sshserver/tasks/main.yaml
+++ b/roles/sshserver/tasks/main.yaml
@@ -25,3 +25,15 @@
     regexp: "^AllowUsers"
     line: "AllowUsers {{ ' '.join([ 'root' ] | union(sshserver_allowusers_group | default([])) | union(sshserver_allowusers_host | default([]))) }}"
   notify: restart ssh
+
+- name: install ssh keys for root
+  authorized_key:
+    user: root
+    key: "{{ sshserver_root_keys }}"
+    exclusive: yes
+
+- name: delete root password
+  user:
+    name: root
+    password: "!"
+
-- 
cgit v1.2.3