DebianConfigs/config/etc/ssh/readme.md

# /etc/ssh: Included files

## SSH server configuration (sshd_config)

This is a pretty basic SSH server setup with a few options initially commented
out for ease of setup.  You should generate SSH Host Keys and enable the
relevant lines in the configuration.  In addition, you should generate ssh
key-pairs for your users and then set both *PermitRootLogin* and
*PasswordAuthentication* to **no**.

The default configuration included here will:

- listen on all configured interfaces
- **listen on non-standard port 222**
- permit root login
- permit passwords for authentication

The commented lines indicate the *recommended settings* and appear directly
before the setting currently enabled that should be changed (i.e. line removed
and replaced with the commented line above it).

Please see my post at [My Techie-Thoughts](https://mytechiethoughts.com/<post_address) for detailed
instructions on setting up a secure SSH server.

## Banner file (banner)

This is a sample file that can be displayed upon successful authentication to
your server via SSH.  It is included only as an example and does not need to be
used.  You can delete/change/replace it freely.  It is referenced in the
*sshd_config* on the line that reads:

```ini
#Banner /etc/ssh/banner
```

If you want to use the banner file, edit it as desired then uncomment this line
in your *sshd_config*.  If you do not want a banner displayed, simply leave this
line commented (as-is) in your configuration.
updated /etc/ssh readme 2019-01-09 04:04:18 -07:00			`# /etc/ssh: Included files`

			`## SSH server configuration (sshd_config)`

			`This is a pretty basic SSH server setup with a few options initially commented`
			`out for ease of setup. You should generate SSH Host Keys and enable the`
			`relevant lines in the configuration. In addition, you should generate ssh`
			`key-pairs for your users and then set both PermitRootLogin and`
			`PasswordAuthentication to no.`

			`The default configuration included here will:`
updated and proofread 2019-01-09 04:23:23 -07:00
updated /etc/ssh readme 2019-01-09 04:04:18 -07:00			`- listen on all configured interfaces`
			`- listen on non-standard port 222`
			`- permit root login`
			`- permit passwords for authentication`

			`The commented lines indicate the recommended settings and appear directly`
			`before the setting currently enabled that should be changed (i.e. line removed`
			`and replaced with the commented line above it).`

updated and proofread 2019-01-09 04:23:23 -07:00			`Please see my post at [My Techie-Thoughts](https://mytechiethoughts.com/<post_address) for detailed`
updated /etc/ssh readme 2019-01-09 04:04:18 -07:00			`instructions on setting up a secure SSH server.`

			`## Banner file (banner)`

			`This is a sample file that can be displayed upon successful authentication to`
			`your server via SSH. It is included only as an example and does not need to be`
			`used. You can delete/change/replace it freely. It is referenced in the`
			`sshd_config on the line that reads:`

			```ini
			`#Banner /etc/ssh/banner`
			```

			`If you want to use the banner file, edit it as desired then uncomment this line`
updated and proofread 2019-01-09 04:23:23 -07:00			`in your sshd_config. If you do not want a banner displayed, simply leave this`
			`line commented (as-is) in your configuration.`