renamed templates to be consistent with coding standard.

removed comment line in ssh_config

roles/common/tasks/security.yml

   service: name=fail2ban state=started
 
 - name: Update sshd config for PFS and more secure defaults
-  template: src=sshd.j2 dest=/etc/ssh/sshd_config
+  template: src=etc_ssh_sshd_config.j2 dest=/etc/ssh/sshd_config
   notify: restart ssh
   
 - name: Update ssh config for more secure defaults
-  template: src=ssh.j2 dest=/etc/ssh/ssh_config
+  template: src=etc_ssh_ssh_config.j2 dest=/etc/ssh/ssh_config
 

roles/common/templates/ssh.j2 → roles/common/templates/etc_ssh_ssh_config.j2

     Ciphers {{ ciphers }}
-    #KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256
     KexAlgorithms {{ kex_algorithms }}
     SendEnv LANG LC_*
     HashKnownHosts yes