diff options
Diffstat (limited to 'playbooks.d/ssh/share')
-rw-r--r-- | playbooks.d/ssh/share/motd | 8 | ||||
-rw-r--r-- | playbooks.d/ssh/share/sshd_config | 27 |
2 files changed, 35 insertions, 0 deletions
diff --git a/playbooks.d/ssh/share/motd b/playbooks.d/ssh/share/motd new file mode 100644 index 0000000..7fc4e34 --- /dev/null +++ b/playbooks.d/ssh/share/motd @@ -0,0 +1,8 @@ + ████████╗██╗ ██╗██╗██╗ ███╗ ██╗███████╗████████╗ + ╚══██╔══╝╚██╗ ██╔╝██║██║ ████╗ ██║██╔════╝╚══██╔══╝ + ██║ ╚████╔╝ ██║██║ ██╔██╗ ██║█████╗ ██║ + ██║ ╚██╔╝ ██║██║ ██║╚██╗██║██╔══╝ ██║ + ██║ ██║ ██║███████╗██╗██║ ╚████║███████╗ ██║ + ╚═╝ ╚═╝ ╚═╝╚══════╝╚═╝╚═╝ ╚═══╝╚══════╝ ╚═╝ + +Welcome to ${fqdn}, last updated on ${time}. diff --git a/playbooks.d/ssh/share/sshd_config b/playbooks.d/ssh/share/sshd_config new file mode 100644 index 0000000..97bea2e --- /dev/null +++ b/playbooks.d/ssh/share/sshd_config @@ -0,0 +1,27 @@ +# Connectivity +Port 22 +AddressFamily any +ListenAddress 0.0.0.0 +ListenAddress :: + +# Fluff +PrintMotd yes + +# SFTP +Subsystem sftp ${sftp} + +# Authentication +AuthorizedKeysFile /etc/ssh/authorized_keys .ssh/authorized_keys +PermitRootLogin no +PasswordAuthentication no +ChallengeResponseAuthentication no +PubkeyAuthentication no + +# Allow tyil +Match User tyil + PubkeyAuthentication yes + +# Allow public key authentication over VPN +Match Address 10.57.0.0/16 + PubkeyAuthentication yes + PermitRootLogin prohibit-password |