diff options
Diffstat (limited to 'meta/recipes-connectivity/openssh/openssh/sshd_config')
-rw-r--r-- | meta/recipes-connectivity/openssh/openssh/sshd_config | 17 |
1 files changed, 9 insertions, 8 deletions
diff --git a/meta/recipes-connectivity/openssh/openssh/sshd_config b/meta/recipes-connectivity/openssh/openssh/sshd_config index 15f061b570..e9eaf93157 100644 --- a/meta/recipes-connectivity/openssh/openssh/sshd_config +++ b/meta/recipes-connectivity/openssh/openssh/sshd_config | |||
@@ -1,4 +1,4 @@ | |||
1 | # $OpenBSD: sshd_config,v 1.102 2018/02/16 02:32:40 djm Exp $ | 1 | # $OpenBSD: sshd_config,v 1.104 2021/07/02 05:11:21 dtucker Exp $ |
2 | 2 | ||
3 | # This is the sshd server system-wide configuration file. See | 3 | # This is the sshd server system-wide configuration file. See |
4 | # sshd_config(5) for more information. | 4 | # sshd_config(5) for more information. |
@@ -10,6 +10,8 @@ | |||
10 | # possible, but leave them commented. Uncommented options override the | 10 | # possible, but leave them commented. Uncommented options override the |
11 | # default value. | 11 | # default value. |
12 | 12 | ||
13 | Include /etc/ssh/sshd_config.d/*.conf | ||
14 | |||
13 | #Port 22 | 15 | #Port 22 |
14 | #AddressFamily any | 16 | #AddressFamily any |
15 | #ListenAddress 0.0.0.0 | 17 | #ListenAddress 0.0.0.0 |
@@ -57,9 +59,9 @@ AuthorizedKeysFile .ssh/authorized_keys | |||
57 | #PasswordAuthentication yes | 59 | #PasswordAuthentication yes |
58 | #PermitEmptyPasswords no | 60 | #PermitEmptyPasswords no |
59 | 61 | ||
60 | # Change to yes to enable challenge-response passwords (beware issues with | 62 | # Change to yes to enable keyboard-interactive authentication (beware issues |
61 | # some PAM modules and threads) | 63 | # with some PAM modules and threads) |
62 | ChallengeResponseAuthentication no | 64 | KbdInteractiveAuthentication no |
63 | 65 | ||
64 | # Kerberos options | 66 | # Kerberos options |
65 | #KerberosAuthentication no | 67 | #KerberosAuthentication no |
@@ -73,13 +75,13 @@ ChallengeResponseAuthentication no | |||
73 | 75 | ||
74 | # Set this to 'yes' to enable PAM authentication, account processing, | 76 | # Set this to 'yes' to enable PAM authentication, account processing, |
75 | # and session processing. If this is enabled, PAM authentication will | 77 | # and session processing. If this is enabled, PAM authentication will |
76 | # be allowed through the ChallengeResponseAuthentication and | 78 | # be allowed through the KbdInteractiveAuthentication and |
77 | # PasswordAuthentication. Depending on your PAM configuration, | 79 | # PasswordAuthentication. Depending on your PAM configuration, |
78 | # PAM authentication via ChallengeResponseAuthentication may bypass | 80 | # PAM authentication via KbdInteractiveAuthentication may bypass |
79 | # the setting of "PermitRootLogin without-password". | 81 | # the setting of "PermitRootLogin without-password". |
80 | # If you just want the PAM account and session checks to run without | 82 | # If you just want the PAM account and session checks to run without |
81 | # PAM authentication, then enable this but set PasswordAuthentication | 83 | # PAM authentication, then enable this but set PasswordAuthentication |
82 | # and ChallengeResponseAuthentication to 'no'. | 84 | # and KbdInteractiveAuthentication to 'no'. |
83 | #UsePAM no | 85 | #UsePAM no |
84 | 86 | ||
85 | #AllowAgentForwarding yes | 87 | #AllowAgentForwarding yes |
@@ -92,7 +94,6 @@ ChallengeResponseAuthentication no | |||
92 | #PrintMotd yes | 94 | #PrintMotd yes |
93 | #PrintLastLog yes | 95 | #PrintLastLog yes |
94 | #TCPKeepAlive yes | 96 | #TCPKeepAlive yes |
95 | #UseLogin no | ||
96 | #PermitUserEnvironment no | 97 | #PermitUserEnvironment no |
97 | Compression no | 98 | Compression no |
98 | ClientAliveInterval 15 | 99 | ClientAliveInterval 15 |