Update roles/common/files/sshd_config
This commit is contained in:
parent
d1e624fa8d
commit
3fc5520768
|
@ -24,7 +24,7 @@ Port 2222
|
||||||
#RekeyLimit default none
|
#RekeyLimit default none
|
||||||
|
|
||||||
# Logging
|
# Logging
|
||||||
#SyslogFacility AUTH
|
SyslogFacility AUTHPRIV
|
||||||
#LogLevel INFO
|
#LogLevel INFO
|
||||||
|
|
||||||
# Authentication:
|
# Authentication:
|
||||||
|
@ -38,7 +38,7 @@ PermitRootLogin without-password
|
||||||
PubkeyAuthentication yes
|
PubkeyAuthentication yes
|
||||||
|
|
||||||
# Expect .ssh/authorized_keys2 to be disregarded by default in future.
|
# Expect .ssh/authorized_keys2 to be disregarded by default in future.
|
||||||
#AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys2
|
AuthorizedKeysFile .ssh/authorized_keys
|
||||||
|
|
||||||
#AuthorizedPrincipalsFile none
|
#AuthorizedPrincipalsFile none
|
||||||
|
|
||||||
|
@ -55,6 +55,7 @@ PubkeyAuthentication yes
|
||||||
|
|
||||||
# To disable tunneled clear text passwords, change to no here!
|
# To disable tunneled clear text passwords, change to no here!
|
||||||
#PermitEmptyPasswords no
|
#PermitEmptyPasswords no
|
||||||
|
PasswordAuthentication no
|
||||||
|
|
||||||
# Change to yes to enable challenge-response passwords (beware issues with
|
# Change to yes to enable challenge-response passwords (beware issues with
|
||||||
# some PAM modules and threads)
|
# some PAM modules and threads)
|
||||||
|
@ -67,8 +68,8 @@ ChallengeResponseAuthentication yes
|
||||||
#KerberosGetAFSToken no
|
#KerberosGetAFSToken no
|
||||||
|
|
||||||
# GSSAPI options
|
# GSSAPI options
|
||||||
#GSSAPIAuthentication no
|
GSSAPIAuthentication yes
|
||||||
#GSSAPICleanupCredentials yes
|
GSSAPICleanupCredentials no
|
||||||
#GSSAPIStrictAcceptorCheck yes
|
#GSSAPIStrictAcceptorCheck yes
|
||||||
#GSSAPIKeyExchange no
|
#GSSAPIKeyExchange no
|
||||||
|
|
||||||
|
@ -97,7 +98,7 @@ PrintMotd no
|
||||||
#TCPKeepAlive yes
|
#TCPKeepAlive yes
|
||||||
#UseLogin no
|
#UseLogin no
|
||||||
#UsePrivilegeSeparation sandbox
|
#UsePrivilegeSeparation sandbox
|
||||||
#PermitUserEnvironment no
|
PermitUserEnvironment yes
|
||||||
#Compression delayed
|
#Compression delayed
|
||||||
#ClientAliveInterval 0
|
#ClientAliveInterval 0
|
||||||
#ClientAliveCountMax 3
|
#ClientAliveCountMax 3
|
||||||
|
@ -125,4 +126,3 @@ Subsystem sftp /usr/lib/openssh/sftp-server
|
||||||
# ForceCommand cvs server
|
# ForceCommand cvs server
|
||||||
|
|
||||||
ClientAliveInterval 120
|
ClientAliveInterval 120
|
||||||
PasswordAuthentication no
|
|
||||||
|
|
Reference in New Issue