#30 thanks to @smatterchew sshd config file dropin ability

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>

tasks/prelim.yml

@@ -175,6 +175,22 @@
       - rule_5.1.1
       - cron
 
+# Added to ensure ssh drop in file exists if not default /etc/ssh/sshd_config
+- name: "PRELIM | Section 5.2 | SSH"
+  ansible.builtin.file:
+      path: "{{ rhel9_cis_sshd_config_file }}"
+      owner: root
+      group: root
+      mode: 0600
+      state: touch
+  when:
+      - rhel9_cis_sshd_config_file != '/etc/ssh/sshd_config'
+      - "'openssh-server' in ansible_facts.packages"
+  tags:
+      - ssh
+      - level1_server
+      - level1_workstation
+
 - name: "PRELIM | Install authconfig"
   ansible.builtin.package:
       name: authconfig