Skip to content
Snippets Groups Projects
Commit 50d5c7d6 authored by Lars Beckers's avatar Lars Beckers
Browse files

add key removal facility

parent aff064d9
No related branches found
No related tags found
No related merge requests found
Show whitespace changes
Inline Side-by-side
common/files/keys-removed/.empty 0 → 100644
+ 0
0
View file @ 50d5c7d6
common/tasks/sshd.yml
+ 13
5
View file @ 50d5c7d6
...@@ -4,7 +4,7 @@ ...@@ -4,7 +4,7 @@
- name: ensure sshd is installed - name: ensure sshd is installed
apt: name=openssh-server state=latest apt: name=openssh-server state=latest
tags: tags:
- sshd - ssh
- packages - packages
- name: ensure sshd configured - name: ensure sshd configured
...@@ -12,7 +12,7 @@ ...@@ -12,7 +12,7 @@
notify: notify:
- restart sshd - restart sshd
tags: tags:
- sshd - ssh
- config - config
- name: ensure home dir creation on first login - name: ensure home dir creation on first login
...@@ -20,13 +20,13 @@ ...@@ -20,13 +20,13 @@
notify: notify:
- restart sshd - restart sshd
tags: tags:
- sshd - ssh
- config - config
- name: ensure sshd is running and enabled - name: ensure sshd is running and enabled
service: name=ssh state=running enabled=yes service: name=ssh state=running enabled=yes
tags: tags:
- sshd - ssh
- service - service
- name: ensure every ssh-key is installed - name: ensure every ssh-key is installed
...@@ -34,5 +34,13 @@ ...@@ -34,5 +34,13 @@
with_fileglob: with_fileglob:
- keys/*.pub - keys/*.pub
tags: tags:
- sshd - ssh
- root
- name: ensure old ssh-keys are removed
authorized_key: user=root key="{{ lookup('file', item) }}" state=absent
with_fileglob:
- keys-removed/*.pub
tags:
- ssh
- root - root
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment