--- /dev/null
+# Le CT template doit avoir au minimum le user alex avec la clés SSH
+# Paquets indispensables : Sudo, SSH et Python
+
+ - name: PasswordAuthentication
+ lineinfile: dest=/etc/ssh/sshd_config regexp="^PasswordAuthentication" line="PasswordAuthentication no" state=present
+ notify:
+ - Restart sshd
+
+ - name: PermitRootLogin
+ lineinfile: dest=/etc/ssh/sshd_config regexp="^PermitRootLogin" line="PermitRootLogin no" state=present
+ notify:
+ - Restart sshd
+
+ - name: X11Forwarding
+ lineinfile: dest=/etc/ssh/sshd_config regexp="^X11Forwarding" line="X11Forwarding no" state=present
+ notify:
+ - Restart sshd
+
+ - name: ChallengeResponseAuthentication
+ lineinfile: dest=/etc/ssh/sshd_config regexp="^ChallengeResponseAuthentication" line="ChallengeResponseAuthentication no" state=present
+ notify:
+ - Restart sshd
+
+ - name: UsePAM
+ lineinfile: dest=/etc/ssh/sshd_config regexp="^UsePAM" line="UsePAM yes" state=present
+ notify:
+ - Restart sshd
+
+ - name: UseDNS
+ lineinfile: dest=/etc/ssh/sshd_config regexp="^UseDNS" line="UseDNS no" state=present
+ notify:
+ - Restart sshd
+
+
+