71 lines
1.3 KiB
YAML
71 lines
1.3 KiB
YAML
---
|
|
|
|
sshd_config_path: /etc/ssh
|
|
|
|
ssh_port: 22
|
|
ssh_address_family: any
|
|
ssh_listen_addresses:
|
|
- 0.0.0.0
|
|
|
|
ssh_allow_groups: ssh
|
|
ssh_login_grace_time: 20
|
|
ssh_permit_root_login: 'no'
|
|
ssh_strict_modes: 'yes'
|
|
ssh_max_auth_tries: 3
|
|
ssh_max_sessions: 2
|
|
|
|
ssh_pubkey_authentication: 'yes'
|
|
|
|
ssh_authorized_keys_file: .ssh/authorized_keys
|
|
|
|
ssh_kexalgorithms:
|
|
# Mozilla Modern
|
|
- curve25519-sha256@libssh.org
|
|
- ecdh-sha2-nistp521
|
|
- ecdh-sha2-nistp384
|
|
- ecdh-sha2-nistp256
|
|
- diffie-hellman-group-exchange-sha256
|
|
|
|
ssh_ciphers:
|
|
# Mozilla Modern
|
|
- chacha20-poly1305@openssh.com
|
|
- aes256-gcm@openssh.com
|
|
- aes128-gcm@openssh.com
|
|
- aes256-ctr
|
|
- aes192-ctr
|
|
- aes128-ctr
|
|
|
|
ssh_macs:
|
|
# Mozilla Modern
|
|
- hmac-sha2-512-etm@openssh.com
|
|
- hmac-sha2-256-etm@openssh.com
|
|
- umac-128-etm@openssh.com
|
|
- hmac-sha2-512
|
|
- hmac-sha2-256
|
|
- umac-128@openssh.com
|
|
|
|
ssh_hostbased_authentication: 'no'
|
|
ssh_password_authentication: 'no'
|
|
ssh_permit_empty_passwords: 'no'
|
|
ssh_challenge_response_authentication: 'no'
|
|
ssh_kerberos_authentication: 'no'
|
|
ssh_gssapi_authentication: 'no'
|
|
ssh_use_pam: 'yes'
|
|
|
|
ssh_allow_agent_forwarding: 'no'
|
|
ssh_permit_tunnel: 'no'
|
|
|
|
ssh_x11_forwarding: 'no'
|
|
|
|
ssh_print_motd: 'no'
|
|
|
|
ssh_permit_user_env: false
|
|
ssh_accept_env:
|
|
- LANG
|
|
- 'LC_*'
|
|
|
|
ssh_banner: true
|
|
ssh_banner_file: /etc/issue.net
|
|
|
|
ssh_loglevel: "VERBOSE"
|