Update 'README.md'

README.md

@@ -2,26 +2,40 @@
 
 git clone
 
-generate ssh key on target for root
 
-allow root login : PermitRootLogin prohibit-password
 
-add host IP or name to local (ansible machine) /etc/hosts
+add target IP and name to local (ansible machine) /etc/hosts 
+USE ONLY THE NAME IN hosts.yml and .ssh/config
+
+for root:
+ssh-copy-id to target
+
+in hosts.yml be very careful to use:
+Host new.test.server new1 ## The new1 is VERY important as it defines the user variables
+In pass.yml we will have tha variables new1_user_passwd, new1_sudo_passwd and new1_root_passwd
 
 ansible-vault create passwd.yml or ansible-vault edit passwd.yml
 
 move and edit config to ~.ssh/config
 
-ssh-copy-id to target
+
 
 test connection: ansible -m ping --ask-vault-pass --extra-vars '@passwd.yml' TARGET_IP OR NAME -u root
 
 run playbook: ansible-playbook --ask-vault-pass --extra-vars '@passwd.yml' ubuntu/setup-pb.yml -l TARGET_IP OR NAME -u root
 
-Reference: https://www.vultr.com/docs/how-to-configure-a-new-ubuntu-server-with-ansible/
+
 
 On TARGET:
 modify /etc/sysctl.conf, add the line:
 net.ipv4.icmp_echo_ignore_all = 1  #don't respond to pings
 
 and then: sudo sysctl -p
+
+Change :
+allow root login : PermitRootLogin prohibit-password
+to
+allow root login : no
+
+
+Reference: https://www.vultr.com/docs/how-to-configure-a-new-ubuntu-server-with-ansible/