Added SSH server configuration
This commit is contained in:
Asif Bacchus
parent
ad665dad0e
commit
0fa6816a2c
|
|
@ -0,0 +1,10 @@
|
|||
|
||||
*******
|
||||
*** Welcome to SERVERNAME on DOMAIN.tld
|
||||
*** Note: This server also answers to ALT_SERVERNAME on DOMAIN2.tld
|
||||
*******
|
||||
|
||||
Please note that this system is monitored and all access attempts are logged.
|
||||
Unauthorized access is prohibited.
|
||||
Your IP address and any provided keys/tokens have already been recorded.
|
||||
|
||||
|
|
@ -0,0 +1,35 @@
|
|||
#######
|
||||
### OpenSSH Configuration
|
||||
#######
|
||||
|
||||
### Connection settings
|
||||
Port 222
|
||||
ListenAddress your.private.ipv4.address
|
||||
ListenAddress [your:private:ipv6:address:use:square:brackets]
|
||||
TCPKeepAlive no
|
||||
ClientAliveInterval 60
|
||||
ClientAliveCountMax 30
|
||||
|
||||
### Authentication settings
|
||||
HostKey /etc/ssh/ed25519.key
|
||||
HostKey /etc/ssh/RSA4096.key
|
||||
PasswordAuthentication no
|
||||
PermitEmptyPasswords no
|
||||
ChallengeResponseAuthentication no
|
||||
UsePAM yes
|
||||
AuthorizedKeysFile .ssh/authorized_keys
|
||||
|
||||
### Login settings
|
||||
LoginGraceTime 1M
|
||||
MaxAuthTries 3
|
||||
MaxSessions 5
|
||||
#PermitRootLogin prohibit-password
|
||||
PermitRootLogin no
|
||||
|
||||
### Program settings
|
||||
Banner /etc/ssh/banner
|
||||
LogLevel VERBOSE
|
||||
X11Forwarding yes
|
||||
PrintMotd no
|
||||
AcceptEnv LANG LC_*
|
||||
Subsystem sftp /usr/lib/openssh/sftp-server
|
||||
Loading…
Reference in New Issue