Update linux/compliance.yaml

2024-10-28 13:13:47 -05:00 · 2024-10-28 13:13:47 -05:00 · d7354c291e
commit d7354c291e
parent 17497d458b
1 changed files with 12 additions and 6 deletions
--- a/linux/compliance.yaml
+++ b/linux/compliance.yaml
@ -23,9 +23,12 @@
        path: /home/ansible/.ssh
        state: directory
    - name: Add deployment user's SSH key.
-      shell:
-        cmd: echo "{{ ansiblesvc_key }}" > /home/ansible/.ssh/authorized_keys
-        creates: /home/ansible/.ssh/authorized_keys
+      copy:
+        content: "{{ ansiblesvc_key }}"
+        dest: /home/ansible/.ssh/authorized_keys
+      # shell:
+        # cmd: echo "{{ ansiblesvc_key }}" > /home/ansible/.ssh/authorized_keys
+        # creates: /home/ansible/.ssh/authorized_keys

    # Give ansible sudo rights with no password required.
    - name: Install sudo if not already installed.
@ -68,9 +71,12 @@
        path: /home/nhadmin/.ssh
        state: directory
    - name: Add nhadmin user's SSH key.
-      shell:
-        cmd: echo "{{ nhadmin_key }}" > /home/nhadmin/.ssh/authorized_keys
-        creates: /home/nhadmin/.ssh/authorized_keys
+      copy:
+        content: "{{ nhadmin_key }}"
+        dest: /home/nhadmin/.ssh/authorized_keys
+      # shell:
+        # cmd: echo "{{ nhadmin_key }}" > /home/nhadmin/.ssh/authorized_keys
+        # creates: /home/nhadmin/.ssh/authorized_keys

    # SSH config updating
    - name: Update SSH configuration to disallow root login and disable password authentication.