ansible-debian/tasks/openssh.yml

- name: Add hardened SSH config
  copy:
    src: etc/ssh/sshd_config
    dest: /etc/ssh/sshd_config
    owner: root
    group: root
    mode: 0600
  register: config_change

- name: Reload SSH daemon after config change
  systemd:
    name: ssh.service
    daemon_reload: yes
    state: reloaded
  when: config_change.changed
Move files to this submodule 2024-03-21 23:06:28 +01:00			`- name: Add hardened SSH config`
			`copy:`
			`src: etc/ssh/sshd_config`
			`dest: /etc/ssh/sshd_config`
			`owner: root`
			`group: root`
			`mode: 0600`
			`register: config_change`

			`- name: Reload SSH daemon after config change`
			`systemd:`
			`name: ssh.service`
			`daemon_reload: yes`
			`state: reloaded`
			`when: config_change.changed`