forked from thunix/ansible
Update roles/common/files/sshd_config
This commit is contained in:
parent
d1e624fa8d
commit
3fc5520768
|
@ -24,7 +24,7 @@ Port 2222
|
|||
#RekeyLimit default none
|
||||
|
||||
# Logging
|
||||
#SyslogFacility AUTH
|
||||
SyslogFacility AUTHPRIV
|
||||
#LogLevel INFO
|
||||
|
||||
# Authentication:
|
||||
|
@ -38,7 +38,7 @@ PermitRootLogin without-password
|
|||
PubkeyAuthentication yes
|
||||
|
||||
# Expect .ssh/authorized_keys2 to be disregarded by default in future.
|
||||
#AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys2
|
||||
AuthorizedKeysFile .ssh/authorized_keys
|
||||
|
||||
#AuthorizedPrincipalsFile none
|
||||
|
||||
|
@ -55,6 +55,7 @@ PubkeyAuthentication yes
|
|||
|
||||
# To disable tunneled clear text passwords, change to no here!
|
||||
#PermitEmptyPasswords no
|
||||
PasswordAuthentication no
|
||||
|
||||
# Change to yes to enable challenge-response passwords (beware issues with
|
||||
# some PAM modules and threads)
|
||||
|
@ -67,8 +68,8 @@ ChallengeResponseAuthentication yes
|
|||
#KerberosGetAFSToken no
|
||||
|
||||
# GSSAPI options
|
||||
#GSSAPIAuthentication no
|
||||
#GSSAPICleanupCredentials yes
|
||||
GSSAPIAuthentication yes
|
||||
GSSAPICleanupCredentials no
|
||||
#GSSAPIStrictAcceptorCheck yes
|
||||
#GSSAPIKeyExchange no
|
||||
|
||||
|
@ -97,7 +98,7 @@ PrintMotd no
|
|||
#TCPKeepAlive yes
|
||||
#UseLogin no
|
||||
#UsePrivilegeSeparation sandbox
|
||||
#PermitUserEnvironment no
|
||||
PermitUserEnvironment yes
|
||||
#Compression delayed
|
||||
#ClientAliveInterval 0
|
||||
#ClientAliveCountMax 3
|
||||
|
@ -125,4 +126,3 @@ Subsystem sftp /usr/lib/openssh/sftp-server
|
|||
# ForceCommand cvs server
|
||||
|
||||
ClientAliveInterval 120
|
||||
PasswordAuthentication no
|
||||
|
|
Loading…
Reference in New Issue
Block a user