From eec87d3b33be760587d91825bdf67972202f6e6f Mon Sep 17 00:00:00 2001
From: "Daniel A. Maierhofer" <git@damadmai.at>
Date: Sat, 28 Jul 2018 19:04:26 +0200
Subject: [PATCH] Improve SSH key management

---
 tasks/openssh.yml | 15 ++++++++-------
 1 file changed, 8 insertions(+), 7 deletions(-)

diff --git a/tasks/openssh.yml b/tasks/openssh.yml
index dff0267..a6755c8 100644
--- a/tasks/openssh.yml
+++ b/tasks/openssh.yml
@@ -17,16 +17,17 @@
 
 - name: openssh - config
   template:
-      dest: /etc/ssh/sshd_config
-      src: sshd_config.j2
-      owner: root
-      group: root
-      mode: 0644
-      validate: '/usr/sbin/sshd -T -f %s'
+    dest: /etc/ssh/sshd_config
+    src: sshd_config.j2
+    owner: root
+    group: root
+    mode: 0644
+    validate: '/usr/sbin/sshd -T -f %s'
   notify: reload openssh
 
 - name: openssh - root keys
-  authorized_key: user=root key={{ common_openssh_keys_root | join("\n") }} exclusive=yes
+  authorized_key: "user=root key={{ item.key }} state={{ item.state | default('present') }}"
+  with_items: "{{ common_openssh_keys_root }}"
   when: common_openssh_keys_root
   tags: 'ssh-keys'