Created
August 4, 2013 09:29
-
-
Save KyeRussell/6149850 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Basics | |
| Port 22 | |
| Protocol 2 | |
| # Keys | |
| HostKey /etc/ssh/ssh_host_rsa_key | |
| HostKey /etc/ssh/ssh_host_dsa_key | |
| HostKey /etc/ssh/ssh_host_ecdsa_key | |
| AuthorizedKeysFile %h/.ssh/authorized_keys | |
| # Logging | |
| SyslogFacility AUTH | |
| LogLevel INFO | |
| # Authentication Environment | |
| LoginGraceTime 30 | |
| MaxStartups 5 | |
| # Restrict Access to users of 'sshable' group. | |
| PermitRootLogin no | |
| AllowGroups sshable | |
| # Only allow secure key-based authentication | |
| PubkeyAuthentication yes | |
| UsePAM no | |
| PermitEmptyPasswords no | |
| PasswordAuthentication no | |
| ChallengeResponseAuthentication no | |
| # Daemon security | |
| UsePrivilegeSeparation yes | |
| StrictMode yes | |
| # Allow client to pass locale environment variables | |
| AcceptEnv LANG LC_* | |
| # Allow SFTP subsystem | |
| Subsystem sftp /usr/lib/openssh/sftp-server |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment