1.4 KiB
/etc/ssh: Included files
SSH server configuration (sshd_config)
This is a pretty basic SSH server setup with a few options initially commented out for ease of setup. You should generate SSH Host Keys and enable the relevant lines in the configuration. In addition, you should generate ssh key-pairs for your users and then set both PermitRootLogin and PasswordAuthentication to no.
The default configuration included here will:
- listen on all configured interfaces
- listen on non-standard port 222
- permit root login
- permit passwords for authentication
The commented lines indicate the recommended settings and appear directly before the setting currently enabled that should be changed (i.e. line removed and replaced with the commented line above it).
Please see my post at My Techie-Thoughts for detailed instructions on setting up a secure SSH server.
Banner file (banner)
This is a sample file that can be displayed upon successful authentication to your server via SSH. It is included only as an example and does not need to be used. You can delete/change/replace it freely. It is referenced in the sshd_config on the line that reads:
#Banner /etc/ssh/banner
If you want to use the banner file, edit it as desired then uncomment this line in your sshd_config. If you do not want a banner displayed, simply leave this line commented (as-is) in your configuration.