Home Explore Help
Sign In
mark22k
/
ansible-openwrt-crxn
mirror of https://codeberg.org/mark22k/ansible-openwrt-crxn.git
Watch 1
Star 0
Fork 0
Files Issues 0 Wiki
Tree: 80a851936b
Branches Tags
ansible-open...
/
roles
/
config-ssh
/
tasks
/
main.yml

main.yml 770 B
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041 
  1. ---
    2. 

  2. - name: Delete old host keys
    3. 

  3.   ansible.builtin.file:
    4. 

  4.     path: "/etc/dropbear/dropbear_rsa_host_key"
    5. 

  5.     state: absent
    6. 

  6.   notify:
    7. 

  7.     - Save changes
    8. 

  8. 

  9. - name: Copy host keys
    10. 

  10.   template:
    11. 

  11.     src: templates/host_key.j2
    12. 

  12.     dest: /etc/dropbear/dropbear_ed25519_host_key
    13. 

  13.     owner: root
    14. 

  14.     group: root
    15. 

  15.     mode: 0600
    16. 

  16.   notify:
    17. 

  17.     - Save changes
    18. 

  18. 

  19. - name: Copy authorized keys
    20. 

  20.   template:
    21. 

  21.     src: templates/authorized_keys.j2
    22. 

  22.     dest: /etc/dropbear/authorized_keys
    23. 

  23.     owner: root
    24. 

  24.     group: root
    25. 

  25.     mode: 0600
    26. 

  26.   notify:
    27. 

  27.     - Save changes
    28. 

  28. 

  29. - name: Disable password authentication
    30. 

  30.   uci:
    31. 

  31.     command: section
    32. 

  32.     config: dropbear
    33. 

  33.     type: dropbear
    34. 

  34.     find_by:
    35. 

  35.       Port: 22
    36. 

  36.     value:
    37. 

  37.       PasswordAuth: off
    38. 

  38.       RootPasswordAuth: off
    39. 

  39.   notify:
    40. 

  40.     - Save changes
    41. 

  41.