Skip to content
This repository has been archived by the owner on Nov 14, 2021. It is now read-only.

Sync templates with upstream sources #3

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Sync templates with upstream sources #3

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
21 changes: 2 additions & 19 deletions templates/sshd_config.j2
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,26 +15,15 @@ Port {{ opensshd_port }}
#ListenAddress 0.0.0.0
#ListenAddress ::

# The default requires explicit activation of protocol 1
#Protocol 2

# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key
#HostKey /etc/ssh/ssh_host_ecdsa_key
#HostKey /etc/ssh/ssh_host_ed25519_key

# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 1h
#ServerKeyBits 1024

# Ciphers and keying
#RekeyLimit default none

# Logging
# obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
#LogLevel INFO

Expand All @@ -46,7 +35,6 @@ PermitRootLogin {{ 'yes' if opensshd_permit_root_login | bool else 'no' }}
#MaxAuthTries 6
#MaxSessions 10

#RSAAuthentication yes
#PubkeyAuthentication yes

# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
Expand All @@ -62,11 +50,9 @@ PermitRootLogin {{ 'yes' if opensshd_permit_root_login | bool else 'no' }}
AuthorizedKeysCommandUser {{ opensshd_authz_keys_cmd_user }}

# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
# HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes
Expand Down Expand Up @@ -110,7 +96,6 @@ PrintMotd no
PrintLastLog no
#TCPKeepAlive yes
#UseLogin no
UsePrivilegeSeparation sandbox # Default for new installations.
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
Expand Down Expand Up @@ -138,7 +123,6 @@ Subsystem sftp /usr/lib64/misc/sftp-server
# buffer size for hpn to non-hpn connections
#HPNBufferSize 2048


# allow the use of the none cipher
#NoneEnabled no

Expand All @@ -150,5 +134,4 @@ Subsystem sftp /usr/lib64/misc/sftp-server
# ForceCommand cvs server

# Allow client to pass locale environment variables #367017
# Doesn't work well with OS X clients!
#AcceptEnv LANG LC_*
AcceptEnv LANG LC_*