From d23b84990b9572926b01253bb746e7d6e8b92234 Mon Sep 17 00:00:00 2001
From: Bo-Chun Louis Chen <louistw@uab.edu>
Date: Tue, 10 Dec 2024 16:14:13 -0600
Subject: [PATCH] feat: ensure keys own by root

---
 ansible/roles/ssh_host_keys/tasks/main.yml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/ansible/roles/ssh_host_keys/tasks/main.yml b/ansible/roles/ssh_host_keys/tasks/main.yml
index 462c09a..b9b5b6b 100644
--- a/ansible/roles/ssh_host_keys/tasks/main.yml
+++ b/ansible/roles/ssh_host_keys/tasks/main.yml
@@ -27,6 +27,8 @@
   ansible.builtin.unarchive:
     src: "/tmp/ssh_keys/{{ SSH_HOST_KEYS_S3_OBJECT }}"
     dest: "/etc/ssh"
+    group: root
+    owner: root
     remote_src: yes
   become: true
 
-- 
GitLab