From 8c1024c23cb24238b490586cc02ac42f5a89e83e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=A9r=C3=A9my=20Lecour?= <jeremy.lecour@gmail.com>
Date: Sun, 8 Oct 2017 14:23:21 +0200
Subject: [PATCH] No need to add individual users, a group is enough

---
 evolinux-users/tasks/ssh.yml | 15 ++++++++-------
 1 file changed, 8 insertions(+), 7 deletions(-)

diff --git a/evolinux-users/tasks/ssh.yml b/evolinux-users/tasks/ssh.yml
index 85d01a8b..796ff341 100644
--- a/evolinux-users/tasks/ssh.yml
+++ b/evolinux-users/tasks/ssh.yml
@@ -59,13 +59,14 @@
   register: grep_matchuser_ssh
   check_mode: no
 
-- name: "Add Match User sshd directive for '{{ user.name }}'"
-  lineinfile:
-    dest: /etc/ssh/sshd_config
-    line: "\nMatch User {{ user.name }}\n    PasswordAuthentication no"
-    validate: '/usr/sbin/sshd -T -f %s'
-  notify: reload sshd
-  when: grep_matchuser_ssh.rc != 0
+# - name: "Add Match User sshd directive for '{{ user.name }}'"
+#   lineinfile:
+#     dest: /etc/ssh/sshd_config
+#     line: "\nMatch User {{ user.name }}\n    PasswordAuthentication no"
+#     insertbefore: "# BEGIN EVOLINUX PASSWORD RESTRICTIONS"
+#     validate: '/usr/sbin/sshd -T -f %s'
+#   notify: reload sshd
+#   when: grep_matchuser_ssh.rc != 0
 
 - name: "Modify Match User's sshd directive for '{{ user.name }}'"
   replace: