Skip to content
Snippets Groups Projects
Commit 3fb7e589 authored by bpt's avatar bpt
Browse files

ssh config files added

parent d9a3f94b
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
sshd_config 0 → 100644
+ 95
0
View file @ 3fb7e589
# $OpenBSD: sshd_config,v 1.100 2016/08/15 12:32:04 naddy Exp $
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options override the
# default value.
Port 22
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::
Protocol 2
#AddressFamily inet
# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key
#HostKey /etc/ssh/ssh_host_ecdsa_key
#Privilege Separation is turned on for security
UsePrivilegeSeparation yes
# Logging
SyslogFacility AUTH
LogLevel INFO
# Authentication:
LoginGraceTime 120
PermitRootLogin without-password
StrictModes yes
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/root_keys .ssh/authorized_keys
#
TrustedUserCAKeys /etc/ssh/trusted-user-ca-keys.pem
# Don't read the user's ~/.rhosts and ~/.shosts files
IgnoreRhosts yes
# For this to work you will also need host keys in /etc/ssh_known_hosts
# similar for protocol version 2
HostbasedAuthentication no
# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
#IgnoreUserKnownHosts yes
# To disable tunneled clear text passwords, change to no here!
PasswordAuthentication no
PermitEmptyPasswords no
# Change to yes to enable challenge-response passwords (beware issues with
# some PAM modules and threads)
ChallengeResponseAuthentication no
# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no
# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes
#GSSAPIStrictAcceptorCheck yes
#GSSAPIKeyExchange no
X11Forwarding yes
X11DisplayOffset 10
PrintMotd no
PrintLastLog yes
TCPKeepAlive yes
#UseLogin no
#MaxStartups 10:30:60
#Banner /etc/ssh/banner
# Allow client to pass locale environment variables
#AcceptEnv LANG LC_*
Subsystem sftp /usr/lib/openssh/sftp-server
# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication. Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
UsePAM yes
trusted-user-ca-keys.pem 0 → 100644
+ 1
0
View file @ 3fb7e589
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDHTuCVsFNOHlNKviBoQGbrM/6r02TiyH6FXcrZA0W8TD+mQi4tcYZaH8o1zaS0LmdDgCjZEdj3+9kVROQg2P4xhF/RSB4LSd2ofkyI7CWUXKgYmuEOeOe6+/BGG5Pm/1CV9UQWAF+U1s5vkcgS6wRkpqkPs3i+oY17IKLOy/mRX6hFxLVgeQWBCfm4rZB5Tc+ke1ioYKxdEgidciG4qpNfHIENUZ9foc2brQMxFJCmFvwc8t1rngG7KYzKx0ARvM0Z0vmAQ+jHUfCrMU1tNaXLDoKldjvfqlg5cPZDQG554fADoR8v9WoGdfaiUIC1wf6oZK5lW2sNWFaalv9xbIlO6bOLbmCSKNgNwTdlkWJSc+kaFM3YtMOt9nh8Ldnl8JIEN7kAUpksc5XOP35RdTWPQlrpXpUwcWuGmjh2AYHH2rFzZrAgH6cuIJrsRvtFLkEcCYLpfFnET9h3KcDvPX991Pg3XEe1MLr25rWe6rr2TG4nywiF4U6YPpmMrfo+p7UdgdWFxciyq8dUI+ESaTHmoJPpVzW34+/GCGwbpi5Xt2vwKdGD6+cHDMkcjciVuh+9v/N8eiU5ll93wfhSC+Ehe0LyZWpqgsE4hX8NisQoTBKwDBSQ6U86PPmzaRkOLWz7h3G+StOJsMVVzkz3kmGhbRmNriC/JgvlpIRYj9Uk/w==
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment