2015-09-09 17:10:20 +02:00
|
|
|
---
|
2017-02-08 18:58:00 +01:00
|
|
|
sshd_install_config: True
|
2015-09-09 17:10:20 +02:00
|
|
|
sshd_port: 22
|
|
|
|
sshd_config_dir: /etc/ssh
|
|
|
|
sshd_config_file: sshd_config
|
|
|
|
sshd_protocol: 2
|
|
|
|
sshd_serverkeybits: 2048
|
|
|
|
sshd_password_authentication: "no"
|
|
|
|
sshd_permit_empty_passwords: "no"
|
|
|
|
# "no" or "without-password"
|
|
|
|
sshd_permit_root_login: "without-password"
|
|
|
|
sshd_strict_mode: "yes"
|
2016-09-08 12:05:07 +02:00
|
|
|
# If set to no, the locked users cannot log in. adduser creates the users that have no password as locked
|
2017-05-15 18:19:43 +02:00
|
|
|
sshd_use_pam: "yes"
|
2015-09-09 17:10:20 +02:00
|
|
|
# set to "yes" only if you are using s/key or something equivalent
|
|
|
|
sshd_challenge_response_authentication: "no"
|
|
|
|
sshd_use_login: "no"
|
2016-08-02 16:04:44 +02:00
|
|
|
sshd_permit_tunnel: "no"
|
2015-09-09 17:10:20 +02:00
|
|
|
sshd_gssapi_authentication: "no"
|
|
|
|
sshd_gssapi_credentials: "no"
|
|
|
|
sshd_x11_forwarding: "no"
|
|
|
|
sshd_agent_forwarding: "yes"
|
|
|
|
sshd_tcp_forwarding: "no"
|
|
|
|
sshd_permit_user_environment: "no"
|
|
|
|
sshd_show_patchlevel: "no"
|
|
|
|
# Usually /etc/issue.net
|
|
|
|
sshd_banner_path: "none"
|
|
|
|
sshd_acceptenv: "LANG LC_*"
|
2017-11-07 00:09:47 +01:00
|
|
|
#
|
|
|
|
sshd_enable_sftp_subsystem: True
|
|
|
|
sshd_enable_sftp_jail: False
|
|
|
|
sshd_sftp_chroot_match_group: filetransfer
|
|
|
|
sshd_sftp_chroot_directory: '%h'
|
|
|
|
sshd_sftp_force_command: 'internal-sftp'
|