From 44c0237bc81c69dc9b2c9f005fc5c0cf4f0cf353 Mon Sep 17 00:00:00 2001
From: William Woodruff <william@yossarian.net>
Date: Sun, 17 Nov 2019 13:15:56 -0500
Subject: [PATCH] roles/common: Add sshd tasks

---
 roles/common/tasks/main.yml | 2 ++
 roles/common/tasks/sshd.yml | 8 ++++++++
 2 files changed, 10 insertions(+)
 create mode 100644 roles/common/tasks/sshd.yml

diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml
index 0233096..7d1cc08 100644
--- a/roles/common/tasks/main.yml
+++ b/roles/common/tasks/main.yml
@@ -24,4 +24,6 @@
   tags:
     - always
 
+- import_tasks: sshd.yml
+
 - meta: flush_handlers
diff --git a/roles/common/tasks/sshd.yml b/roles/common/tasks/sshd.yml
new file mode 100644
index 0000000..422e17b
--- /dev/null
+++ b/roles/common/tasks/sshd.yml
@@ -0,0 +1,8 @@
+---
+
+- name: Disable root password login
+  lineinfile:
+    dest: /etc/ssh/sshd_config
+    regexp: '^#?PermitRootLogin'
+    line: PermitRootLogin prohibit-password
+    state: present