roles/server_install_ssh/tasks/main.yml

@@ -4,6 +4,11 @@
     update_cache: true
     cache_valid_time: 3600
 
+- name: Detect if system is Proxmox (by checking /etc/pve)
+  stat:
+    path: /etc/pve
+  register: pve_check
+
 - name: OpenSSH Server installieren
   ansible.builtin.apt:
     name: openssh-server
@@ -39,3 +44,5 @@
     group: root
     mode: '0644'
   notify: Restart SSH
+  vars:
+    is_proxmox: "{{ pve_check.stat.exists }}"

roles/server_install_ssh/templates/sshd_config.j2

@@ -1,7 +1,14 @@
 # OpenSSH server configuration (managed by Ansible)
 Port {{ ssh_port }}
 Protocol 2
+
+{% if is_proxmox %}
+PermitRootLogin prohibit-password
+AcceptEnv LANG LC_*
+{% else %}
 PermitRootLogin no
+{% endif %}
+
 PasswordAuthentication no
 ChallengeResponseAuthentication no
 UsePAM yes