Add role for managing sshd settings

roles/sshd/tasks/main.yml

@@ -0,0 +1,33 @@
+---
+- name: Install SSH Banner
+  become: true
+  template:
+    src: motd.j2
+    dest: /etc/issue.net
+    mode: 0644
+
+- name: Set parameters in sshd config
+  become: true
+  lineinfile:
+    path: /etc/ssh/sshd_config
+    regexp: "{{ item.match }}"
+    line: "{{ item.set }}"
+    state: present
+  loop:
+    - match: "#?PermitRootLogin (yes|no)"
+      set: "PermitRootLogin no"
+    - match: "#?Banner (none|/etc/issue.net)"
+      set: "Banner /etc/issue.net"
+    - match: "#?PasswordAuthentication (yes|no)"
+      set: "PasswordAuthentication no"
+    - match: "#?GSSAPIAuthentication (yes|no)"
+      set: "GSSAPIAuthentication no"
+    - match: "#?ChallengeResponseAuthentication (yes|no)"
+      set: "ChallengeResponseAuthentication no"
+
+- name: Restart sshd service
+  when: restart_services | default(false) == true
+  become: true
+  systemd:
+    name: sshd
+    state: restarted

roles/sshd/templates/motd.j2

@@ -0,0 +1,7 @@
+
+     ////////////   ////     ////   ///////////
+    ////           //////   ////   ////    ////
+   ////////       //// /// ////   ///////////
+  ////           ////   //////   ////
+ ////////////   ////     ////   {{ description | default('Omni Network System') }}
+ _______________________________{{ description | default('Omni Network System') | length * '\\' }}\