Refactor ssh related role

[thaim]

No description provided.

[Copilot]

Pull Request Overview

This PR consolidates SSH-related functionality by removing redundant roles (ssh_hosts and secure-sshd) and enhancing the main ssh role with comprehensive SSH client and server configuration capabilities.

• Consolidated multiple SSH-related roles into a single ssh role
• Added SSH client configuration with version detection and keystroke timing settings
• Updated SSH server configuration with modern Ansible modules and best practices

Reviewed Changes

Copilot reviewed 6 out of 6 changed files in this pull request and generated 2 comments.

Show a summary per file

File	Description
roles/ssh_hosts/tasks/main.yml	Removed entire role that handled SSH host key scanning
roles/ssh/tasks/main.yml	Enhanced with SSH client config, version detection, and modernized server config
roles/ssh/files/sshd_config	Removed static SSH daemon configuration file
roles/secure-sshd/tasks/main.yml	Removed entire role that handled authorized keys
roles/secure-sshd/files/sshd_config	Removed static secure SSH daemon configuration file
playbook-desktop.yml	Added ssh role to desktop playbook

[Copilot]

The regex pattern may not reliably extract version numbers from all SSH implementations. Consider using a more robust approach like ssh -V 2>&1 | awk '{print $1}' | cut -d'_' -f2 or add error handling for cases where the pattern doesn't match.

Suggested change

	ssh -V 2>&1 | head -n1 | sed 's/.*_\([0-9]\+\.[0-9]\+\).*/\1/'
	ssh -V 2>&1 | awk '{print $1}' | cut -d'_' -f2 || echo "0.0"

[Copilot]

The condition assumes ssh_version will always be a valid float, but if the regex extraction fails, this could result in an empty string or invalid comparison. Add validation to ensure ssh_version is a valid number before the comparison.

Suggested change

	when: ssh_version < 10.0
	when: ssh_version is defined and ssh_version < 10.0