Mercurial > repos > other > Puppet
comparison modules/ssh/spec/fixtures/sshd_config_debian8 @ 385:d9009f54eb23
Migrate to a fully-fledged SSH module
This handles lots of the server path differences for us
| author | IBBoard <dev@ibboard.co.uk> |
|---|---|
| date | Mon, 03 Jan 2022 17:05:54 +0000 |
| parents | |
| children |
comparison
equal
deleted
inserted
replaced
| 384:22e45bb5ea97 | 385:d9009f54eb23 |
|---|---|
| 1 # This file is being maintained by Puppet. | |
| 2 # DO NOT EDIT | |
| 3 | |
| 4 # $OpenBSD: sshd_config,v 1.73 2005/12/06 22:38:28 reyk Exp $ | |
| 5 | |
| 6 # This is the sshd server system-wide configuration file. See | |
| 7 # sshd_config(5) for more information. | |
| 8 | |
| 9 # This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin | |
| 10 | |
| 11 # The strategy used for options in the default sshd_config shipped with | |
| 12 # OpenSSH is to specify options with their default value where | |
| 13 # possible, but leave them commented. Uncommented options change a | |
| 14 # default value. | |
| 15 | |
| 16 #Port 22 | |
| 17 Port 22 | |
| 18 #Protocol 2,1 | |
| 19 Protocol 2 | |
| 20 #AddressFamily any | |
| 21 AddressFamily any | |
| 22 | |
| 23 # HostKey for protocol version 1 | |
| 24 #HostKey /etc/ssh/ssh_host_key | |
| 25 # HostKeys for protocol version 2 | |
| 26 #HostKey /etc/ssh/ssh_host_rsa_key | |
| 27 #HostKey /etc/ssh/ssh_host_dsa_key | |
| 28 HostKey /etc/ssh/ssh_host_rsa_key | |
| 29 HostKey /etc/ssh/ssh_host_dsa_key | |
| 30 HostKey /etc/ssh/ssh_host_ecdsa_key | |
| 31 HostKey /etc/ssh/ssh_host_ed25519_key | |
| 32 | |
| 33 # Lifetime and size of ephemeral version 1 server key | |
| 34 #KeyRegenerationInterval 1h | |
| 35 #ServerKeyBits 1024 | |
| 36 ServerKeyBits 1024 | |
| 37 # Logging | |
| 38 # obsoletes QuietMode and FascistLogging | |
| 39 #SyslogFacility AUTH | |
| 40 SyslogFacility AUTH | |
| 41 #LogLevel INFO | |
| 42 LogLevel INFO | |
| 43 | |
| 44 # Authentication: | |
| 45 | |
| 46 #LoginGraceTime 120 | |
| 47 LoginGraceTime 120 | |
| 48 #PermitRootLogin yes | |
| 49 PermitRootLogin yes | |
| 50 #StrictModes yes | |
| 51 #MaxAuthTries 6 | |
| 52 | |
| 53 #RSAAuthentication yes | |
| 54 #PubkeyAuthentication yes | |
| 55 PubkeyAuthentication yes | |
| 56 #AuthorizedKeysFile .ssh/authorized_keys | |
| 57 | |
| 58 # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts | |
| 59 #RhostsRSAAuthentication no | |
| 60 # similar for protocol version 2 | |
| 61 #HostbasedAuthentication no | |
| 62 HostbasedAuthentication no | |
| 63 # Change to yes if you don't trust ~/.ssh/known_hosts for | |
| 64 # RhostsRSAAuthentication and HostbasedAuthentication | |
| 65 #IgnoreUserKnownHosts no | |
| 66 IgnoreUserKnownHosts no | |
| 67 # Don't read the user's ~/.rhosts and ~/.shosts files | |
| 68 #IgnoreRhosts yes | |
| 69 IgnoreRhosts yes | |
| 70 | |
| 71 # To disable tunneled clear text passwords, change to no here! | |
| 72 #PasswordAuthentication yes | |
| 73 PasswordAuthentication yes | |
| 74 #PermitEmptyPasswords no | |
| 75 | |
| 76 # Change to no to disable s/key passwords | |
| 77 #ChallengeResponseAuthentication yes | |
| 78 ChallengeResponseAuthentication yes | |
| 79 | |
| 80 # Kerberos options | |
| 81 #KerberosOrLocalPasswd yes | |
| 82 #KerberosTicketCleanup yes | |
| 83 #KerberosGetAFSToken no | |
| 84 | |
| 85 # GSSAPI options | |
| 86 #GSSAPIAuthentication no | |
| 87 GSSAPIAuthentication yes | |
| 88 | |
| 89 # Set this to 'yes' to enable PAM authentication, account processing, | |
| 90 # and session processing. If this is enabled, PAM authentication will | |
| 91 # be allowed through the ChallengeResponseAuthentication mechanism. | |
| 92 # Depending on your PAM configuration, this may bypass the setting of | |
| 93 # PasswordAuthentication, PermitEmptyPasswords, and | |
| 94 # "PermitRootLogin without-password". If you just want the PAM account and | |
| 95 # session checks to run without PAM authentication, then enable this but set | |
| 96 # ChallengeResponseAuthentication=no | |
| 97 #UsePAM no | |
| 98 UsePAM yes | |
| 99 | |
| 100 # Accept locale-related environment variables | |
| 101 AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES | |
| 102 AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT | |
| 103 AcceptEnv LC_IDENTIFICATION LC_ALL | |
| 104 #AllowTcpForwarding yes | |
| 105 AllowTcpForwarding yes | |
| 106 #GatewayPorts no | |
| 107 #X11Forwarding no | |
| 108 X11Forwarding yes | |
| 109 #X11DisplayOffset 10 | |
| 110 #X11UseLocalhost yes | |
| 111 X11UseLocalhost yes | |
| 112 #PrintMotd yes | |
| 113 PrintMotd yes | |
| 114 #PrintLastLog yes | |
| 115 #TCPKeepAlive yes | |
| 116 TCPKeepAlive yes | |
| 117 #UseLogin no | |
| 118 #UsePrivilegeSeparation yes | |
| 119 #PermitUserEnvironment no | |
| 120 #Compression delayed | |
| 121 #ClientAliveInterval 0 | |
| 122 ClientAliveInterval 0 | |
| 123 ClientAliveCountMax 3 | |
| 124 #ShowPatchLevel no | |
| 125 #UseDNS yes | |
| 126 UseDNS yes | |
| 127 #PidFile /var/run/sshd.pid | |
| 128 #MaxStartups 10:30:100 | |
| 129 #MaxSessions 10 | |
| 130 | |
| 131 #PermitTunnel no | |
| 132 PermitTunnel no | |
| 133 #ChrootDirectory none | |
| 134 | |
| 135 # no default banner path | |
| 136 #Banner none | |
| 137 Banner none | |
| 138 | |
| 139 # override default of no subsystems | |
| 140 Subsystem sftp /usr/lib/openssh/sftp-server | |
| 141 |