diff options
Diffstat (limited to 'playbooks.d/ssh/share/sshd_config')
| -rw-r--r-- | playbooks.d/ssh/share/sshd_config | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/playbooks.d/ssh/share/sshd_config b/playbooks.d/ssh/share/sshd_config new file mode 100644 index 0000000..97bea2e --- /dev/null +++ b/playbooks.d/ssh/share/sshd_config @@ -0,0 +1,27 @@ +# Connectivity +Port 22 +AddressFamily any +ListenAddress 0.0.0.0 +ListenAddress :: + +# Fluff +PrintMotd yes + +# SFTP +Subsystem sftp ${sftp} + +# Authentication +AuthorizedKeysFile /etc/ssh/authorized_keys .ssh/authorized_keys +PermitRootLogin no +PasswordAuthentication no +ChallengeResponseAuthentication no +PubkeyAuthentication no + +# Allow tyil +Match User tyil + PubkeyAuthentication yes + +# Allow public key authentication over VPN +Match Address 10.57.0.0/16 + PubkeyAuthentication yes + PermitRootLogin prohibit-password |