sshd.yml

- hosts: computers
  #strategy: free
  tasks:
#  - win_feature:
#      name: OpenSSH.Server
#      state: present
#  - win_capability:
#      name: OpenSSH.Server
#      state: present
#  - win_shell:
#      Remove-WindowsCapability -Online -Name 'OpenSSH.Server~~~~0.0.1.0'
#    become: yes
#    become_user: SYSTEM
#    register: ssh_uninstall
#    changed_when: "'RestartNeeded : True' in ssh_install.stdout"
#    failed_when: "'RestartNeeded : ' not in ssh_install.stdout"
    #ignore_errors: yes

  - win_chocolatey:
      name: openssh
      state: latest
      package_params: /SSHServerFeature
    register: package
    tags: package

  - name: open port {{ opt_openssh_port }} for inbound SSH connections
    win_firewall_rule:
      name: Win32-OpenSSH inbound
      protocol: tcp
      localport: 22
      direction: in
      action: allow
      state: present
      enabled: yes
      profiles: domain,private
    tags: firewall

  - win_service:
      name: sshd
      state: started
      start_mode: delayed
      force: yes
      force_dependent_services: yes
    when: package is changed
    tags: service

  - name: Registry configuration for ictadmin
    win_regedit:
      path: HKLM:\SOFTWARE\OpenSSH
      name: '{{ item.name }}'
      data: '{{ item.data|default(None) }}'
      type: "{{ item.type|default('dword') }}"
      state: "{{ item.state|default('present') }}"
    with_items:
    - name: DefaultShell
      type: string
      data: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
    - name: DefaultShellCommandOption
      type: string
      data: /c
      state: absent
    - name: DefaultShellEscapeArguments
      data: 0
      state: absent
    tags: registry

  - win_file:
      path: '%USERPROFILE%/.ssh/'
      state: directory
    tags: key

  - win_copy:
      src: authorized_keys
      dest: '%USERPROFILE%/.ssh/authorized_keys'
    tags: key