Added SSH server configuration
This commit is contained in:
Asif Bacchus
parent
ad665dad0e
commit
0fa6816a2c
10
config/etc/ssh/banner
Normal file
10
config/etc/ssh/banner
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
|
||||||
|
*******
|
||||||
|
*** Welcome to SERVERNAME on DOMAIN.tld
|
||||||
|
*** Note: This server also answers to ALT_SERVERNAME on DOMAIN2.tld
|
||||||
|
*******
|
||||||
|
|
||||||
|
Please note that this system is monitored and all access attempts are logged.
|
||||||
|
Unauthorized access is prohibited.
|
||||||
|
Your IP address and any provided keys/tokens have already been recorded.
|
||||||
|
|
||||||
35
config/etc/ssh/sshd_config
Normal file
35
config/etc/ssh/sshd_config
Normal file
@ -0,0 +1,35 @@
|
|||||||
|
#######
|
||||||
|
### OpenSSH Configuration
|
||||||
|
#######
|
||||||
|
|
||||||
|
### Connection settings
|
||||||
|
Port 222
|
||||||
|
ListenAddress your.private.ipv4.address
|
||||||
|
ListenAddress [your:private:ipv6:address:use:square:brackets]
|
||||||
|
TCPKeepAlive no
|
||||||
|
ClientAliveInterval 60
|
||||||
|
ClientAliveCountMax 30
|
||||||
|
|
||||||
|
### Authentication settings
|
||||||
|
HostKey /etc/ssh/ed25519.key
|
||||||
|
HostKey /etc/ssh/RSA4096.key
|
||||||
|
PasswordAuthentication no
|
||||||
|
PermitEmptyPasswords no
|
||||||
|
ChallengeResponseAuthentication no
|
||||||
|
UsePAM yes
|
||||||
|
AuthorizedKeysFile .ssh/authorized_keys
|
||||||
|
|
||||||
|
### Login settings
|
||||||
|
LoginGraceTime 1M
|
||||||
|
MaxAuthTries 3
|
||||||
|
MaxSessions 5
|
||||||
|
#PermitRootLogin prohibit-password
|
||||||
|
PermitRootLogin no
|
||||||
|
|
||||||
|
### Program settings
|
||||||
|
Banner /etc/ssh/banner
|
||||||
|
LogLevel VERBOSE
|
||||||
|
X11Forwarding yes
|
||||||
|
PrintMotd no
|
||||||
|
AcceptEnv LANG LC_*
|
||||||
|
Subsystem sftp /usr/lib/openssh/sftp-server
|
||||||
Loading…
Reference in New Issue
Block a user