diff options
Diffstat (limited to 'meta/recipes-connectivity/openssh/openssh/sshd_config')
| -rw-r--r-- | meta/recipes-connectivity/openssh/openssh/sshd_config | 17 |
1 files changed, 9 insertions, 8 deletions
diff --git a/meta/recipes-connectivity/openssh/openssh/sshd_config b/meta/recipes-connectivity/openssh/openssh/sshd_config index 15f061b570..e9eaf93157 100644 --- a/meta/recipes-connectivity/openssh/openssh/sshd_config +++ b/meta/recipes-connectivity/openssh/openssh/sshd_config | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | # $OpenBSD: sshd_config,v 1.102 2018/02/16 02:32:40 djm Exp $ | 1 | # $OpenBSD: sshd_config,v 1.104 2021/07/02 05:11:21 dtucker Exp $ |
| 2 | 2 | ||
| 3 | # This is the sshd server system-wide configuration file. See | 3 | # This is the sshd server system-wide configuration file. See |
| 4 | # sshd_config(5) for more information. | 4 | # sshd_config(5) for more information. |
| @@ -10,6 +10,8 @@ | |||
| 10 | # possible, but leave them commented. Uncommented options override the | 10 | # possible, but leave them commented. Uncommented options override the |
| 11 | # default value. | 11 | # default value. |
| 12 | 12 | ||
| 13 | Include /etc/ssh/sshd_config.d/*.conf | ||
| 14 | |||
| 13 | #Port 22 | 15 | #Port 22 |
| 14 | #AddressFamily any | 16 | #AddressFamily any |
| 15 | #ListenAddress 0.0.0.0 | 17 | #ListenAddress 0.0.0.0 |
| @@ -57,9 +59,9 @@ AuthorizedKeysFile .ssh/authorized_keys | |||
| 57 | #PasswordAuthentication yes | 59 | #PasswordAuthentication yes |
| 58 | #PermitEmptyPasswords no | 60 | #PermitEmptyPasswords no |
| 59 | 61 | ||
| 60 | # Change to yes to enable challenge-response passwords (beware issues with | 62 | # Change to yes to enable keyboard-interactive authentication (beware issues |
| 61 | # some PAM modules and threads) | 63 | # with some PAM modules and threads) |
| 62 | ChallengeResponseAuthentication no | 64 | KbdInteractiveAuthentication no |
| 63 | 65 | ||
| 64 | # Kerberos options | 66 | # Kerberos options |
| 65 | #KerberosAuthentication no | 67 | #KerberosAuthentication no |
| @@ -73,13 +75,13 @@ ChallengeResponseAuthentication no | |||
| 73 | 75 | ||
| 74 | # Set this to 'yes' to enable PAM authentication, account processing, | 76 | # Set this to 'yes' to enable PAM authentication, account processing, |
| 75 | # and session processing. If this is enabled, PAM authentication will | 77 | # and session processing. If this is enabled, PAM authentication will |
| 76 | # be allowed through the ChallengeResponseAuthentication and | 78 | # be allowed through the KbdInteractiveAuthentication and |
| 77 | # PasswordAuthentication. Depending on your PAM configuration, | 79 | # PasswordAuthentication. Depending on your PAM configuration, |
| 78 | # PAM authentication via ChallengeResponseAuthentication may bypass | 80 | # PAM authentication via KbdInteractiveAuthentication may bypass |
| 79 | # the setting of "PermitRootLogin without-password". | 81 | # the setting of "PermitRootLogin without-password". |
| 80 | # If you just want the PAM account and session checks to run without | 82 | # If you just want the PAM account and session checks to run without |
| 81 | # PAM authentication, then enable this but set PasswordAuthentication | 83 | # PAM authentication, then enable this but set PasswordAuthentication |
| 82 | # and ChallengeResponseAuthentication to 'no'. | 84 | # and KbdInteractiveAuthentication to 'no'. |
| 83 | #UsePAM no | 85 | #UsePAM no |
| 84 | 86 | ||
| 85 | #AllowAgentForwarding yes | 87 | #AllowAgentForwarding yes |
| @@ -92,7 +94,6 @@ ChallengeResponseAuthentication no | |||
| 92 | #PrintMotd yes | 94 | #PrintMotd yes |
| 93 | #PrintLastLog yes | 95 | #PrintLastLog yes |
| 94 | #TCPKeepAlive yes | 96 | #TCPKeepAlive yes |
| 95 | #UseLogin no | ||
| 96 | #PermitUserEnvironment no | 97 | #PermitUserEnvironment no |
| 97 | Compression no | 98 | Compression no |
| 98 | ClientAliveInterval 15 | 99 | ClientAliveInterval 15 |