fix: error message when no weak DH ciphers found

Author: adskyiproger

infrastructure/server-setup/tasks/all/users.yml

@@ -144,15 +144,15 @@
 
 - name: Check short Diffie-Hellman keys
   ansible.builtin.shell: |
-    awk '$5 < 3071' /etc/ssh/moduli | grep -q .
+    awk '$5 < 3071' /etc/ssh/moduli | grep -q . && echo "found" || echo "none"
   register: short_dh_keys
-  ignore_errors: yes
+  changed_when: false
 
 - name: Remove short Diffie-Hellman keys
   ansible.builtin.shell: |
     awk '$5 >= 3071' /etc/ssh/moduli > /etc/ssh/moduli.safe
     mv /etc/ssh/moduli.safe /etc/ssh/moduli
-  when: short_dh_keys.rc == 0
+  when: '"found" in short_dh_keys.stdout'
   become: yes
 
 # Cleanup weak server keys