Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions
ansible/roles/basessh/files/ssh/sshd_config.noc01.phx2.fedoraproject.org
Patrick Uiterwijk e43e0e06b1 Move SSH setup to its own role 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2017-08-16 17:39:23 +00:00

4.5 KiB
Raw Blame History

# #Port 22 #AddressFamily any #ListenAddress 0.0.0.0 #ListenAddress ::

Protocol 2

#HostKey /etc/ssh/ssh_host_key

HostKey /etc/ssh/ssh_host_rsa_key HostCertificate /etc/ssh/ssh_host_rsa_key-cert.pub #HostKey /etc/ssh/ssh_host_dsa_key #HostKey /etc/ssh/ssh_host_ecdsa_key

#KeyRegenerationInterval 1h #ServerKeyBits 1024

#RekeyLimit default none

#SyslogFacility AUTH SyslogFacility AUTHPRIV #LogLevel INFO LogLevel VERBOSE

#LoginGraceTime 2m #PermitRootLogin yes #StrictModes yes PermitRootLogin without-password StrictModes yes #MaxAuthTries 6 #MaxSessions 10

#RSAAuthentication yes #PubkeyAuthentication yes

AuthorizedKeysFile .ssh/authorized_keys

#AuthorizedPrincipalsFile none

#AuthorizedKeysCommand none #AuthorizedKeysCommandUser nobody

#RhostsRSAAuthentication no

#HostbasedAuthentication no

#IgnoreUserKnownHosts no

#IgnoreRhosts yes

#PasswordAuthentication yes #PermitEmptyPasswords no PasswordAuthentication no

#ChallengeResponseAuthentication yes ChallengeResponseAuthentication no

#KerberosAuthentication no #KerberosOrLocalPasswd yes #KerberosTicketCleanup yes #KerberosGetAFSToken no #KerberosUseKuserok yes

#GSSAPIAuthentication no GSSAPIAuthentication yes #GSSAPICleanupCredentials yes GSSAPICleanupCredentials yes #GSSAPIStrictAcceptorCheck yes #GSSAPIKeyExchange no

#UsePAM no UsePAM yes

#AllowAgentForwarding yes #AllowTcpForwarding yes #GatewayPorts no #X11Forwarding no X11Forwarding yes #X11DisplayOffset 10 #X11UseLocalhost yes #PrintMotd yes #PrintLastLog yes #TCPKeepAlive yes #UseLogin no UsePrivilegeSeparation sandbox # Default for new installations. #PermitUserEnvironment no #Compression delayed #ClientAliveInterval 0 #ClientAliveCountMax 3 #ShowPatchLevel no #UseDNS yes #PidFile /var/run/sshd.pid #MaxStartups 10:30:100 MaxSessions 30 #PermitTunnel no #ChrootDirectory none #VersionAddendum none

#Banner none

AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE AcceptEnv XMODIFIERS

Subsystem sftp /usr/libexec/openssh/sftp-server

#Host *.local

#Match User anoncvs