role.ssh-keyonly/tasks/main.yml

---
- name: "Set «PermitRootLogin» to «without-password»"
  lineinfile:
    dest: /etc/ssh/sshd_config
    regexp: '^#? *PermitRootLogin'
    line: "PermitRootLogin without-password"
    backup: yes
  register: sshconfigchanged


- name: Restart sshd
  service:
    name: "{{ ssh_service_name }}"
    state: restarted
    sleep: 5
  when: sshconfigchanged is changed
Initial commit, needs service name as variable 2019-05-07 08:18:30 +00:00			`---`
			`- name: "Set «PermitRootLogin» to «without-password»"`
			`lineinfile:`
			`dest: /etc/ssh/sshd_config`
			`regexp: '^#? *PermitRootLogin'`
			`line: "PermitRootLogin without-password"`
			`backup: yes`
			`register: sshconfigchanged`


			`- name: Restart sshd`
			`service:`
			`name: "{{ ssh_service_name }}"`
			`state: restarted`
			`sleep: 5`
			`when: sshconfigchanged is changed`