Mercurial > repos > other > Puppet
comparison modules/ssh/spec/fixtures/sshd_config_debian8 @ 385:d9009f54eb23
Migrate to a fully-fledged SSH module
This handles lots of the server path differences for us
author | IBBoard <dev@ibboard.co.uk> |
---|---|
date | Mon, 03 Jan 2022 17:05:54 +0000 |
parents | |
children |
comparison
equal
deleted
inserted
replaced
384:22e45bb5ea97 | 385:d9009f54eb23 |
---|---|
1 # This file is being maintained by Puppet. | |
2 # DO NOT EDIT | |
3 | |
4 # $OpenBSD: sshd_config,v 1.73 2005/12/06 22:38:28 reyk Exp $ | |
5 | |
6 # This is the sshd server system-wide configuration file. See | |
7 # sshd_config(5) for more information. | |
8 | |
9 # This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin | |
10 | |
11 # The strategy used for options in the default sshd_config shipped with | |
12 # OpenSSH is to specify options with their default value where | |
13 # possible, but leave them commented. Uncommented options change a | |
14 # default value. | |
15 | |
16 #Port 22 | |
17 Port 22 | |
18 #Protocol 2,1 | |
19 Protocol 2 | |
20 #AddressFamily any | |
21 AddressFamily any | |
22 | |
23 # HostKey for protocol version 1 | |
24 #HostKey /etc/ssh/ssh_host_key | |
25 # HostKeys for protocol version 2 | |
26 #HostKey /etc/ssh/ssh_host_rsa_key | |
27 #HostKey /etc/ssh/ssh_host_dsa_key | |
28 HostKey /etc/ssh/ssh_host_rsa_key | |
29 HostKey /etc/ssh/ssh_host_dsa_key | |
30 HostKey /etc/ssh/ssh_host_ecdsa_key | |
31 HostKey /etc/ssh/ssh_host_ed25519_key | |
32 | |
33 # Lifetime and size of ephemeral version 1 server key | |
34 #KeyRegenerationInterval 1h | |
35 #ServerKeyBits 1024 | |
36 ServerKeyBits 1024 | |
37 # Logging | |
38 # obsoletes QuietMode and FascistLogging | |
39 #SyslogFacility AUTH | |
40 SyslogFacility AUTH | |
41 #LogLevel INFO | |
42 LogLevel INFO | |
43 | |
44 # Authentication: | |
45 | |
46 #LoginGraceTime 120 | |
47 LoginGraceTime 120 | |
48 #PermitRootLogin yes | |
49 PermitRootLogin yes | |
50 #StrictModes yes | |
51 #MaxAuthTries 6 | |
52 | |
53 #RSAAuthentication yes | |
54 #PubkeyAuthentication yes | |
55 PubkeyAuthentication yes | |
56 #AuthorizedKeysFile .ssh/authorized_keys | |
57 | |
58 # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts | |
59 #RhostsRSAAuthentication no | |
60 # similar for protocol version 2 | |
61 #HostbasedAuthentication no | |
62 HostbasedAuthentication no | |
63 # Change to yes if you don't trust ~/.ssh/known_hosts for | |
64 # RhostsRSAAuthentication and HostbasedAuthentication | |
65 #IgnoreUserKnownHosts no | |
66 IgnoreUserKnownHosts no | |
67 # Don't read the user's ~/.rhosts and ~/.shosts files | |
68 #IgnoreRhosts yes | |
69 IgnoreRhosts yes | |
70 | |
71 # To disable tunneled clear text passwords, change to no here! | |
72 #PasswordAuthentication yes | |
73 PasswordAuthentication yes | |
74 #PermitEmptyPasswords no | |
75 | |
76 # Change to no to disable s/key passwords | |
77 #ChallengeResponseAuthentication yes | |
78 ChallengeResponseAuthentication yes | |
79 | |
80 # Kerberos options | |
81 #KerberosOrLocalPasswd yes | |
82 #KerberosTicketCleanup yes | |
83 #KerberosGetAFSToken no | |
84 | |
85 # GSSAPI options | |
86 #GSSAPIAuthentication no | |
87 GSSAPIAuthentication yes | |
88 | |
89 # Set this to 'yes' to enable PAM authentication, account processing, | |
90 # and session processing. If this is enabled, PAM authentication will | |
91 # be allowed through the ChallengeResponseAuthentication mechanism. | |
92 # Depending on your PAM configuration, this may bypass the setting of | |
93 # PasswordAuthentication, PermitEmptyPasswords, and | |
94 # "PermitRootLogin without-password". If you just want the PAM account and | |
95 # session checks to run without PAM authentication, then enable this but set | |
96 # ChallengeResponseAuthentication=no | |
97 #UsePAM no | |
98 UsePAM yes | |
99 | |
100 # Accept locale-related environment variables | |
101 AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES | |
102 AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT | |
103 AcceptEnv LC_IDENTIFICATION LC_ALL | |
104 #AllowTcpForwarding yes | |
105 AllowTcpForwarding yes | |
106 #GatewayPorts no | |
107 #X11Forwarding no | |
108 X11Forwarding yes | |
109 #X11DisplayOffset 10 | |
110 #X11UseLocalhost yes | |
111 X11UseLocalhost yes | |
112 #PrintMotd yes | |
113 PrintMotd yes | |
114 #PrintLastLog yes | |
115 #TCPKeepAlive yes | |
116 TCPKeepAlive yes | |
117 #UseLogin no | |
118 #UsePrivilegeSeparation yes | |
119 #PermitUserEnvironment no | |
120 #Compression delayed | |
121 #ClientAliveInterval 0 | |
122 ClientAliveInterval 0 | |
123 ClientAliveCountMax 3 | |
124 #ShowPatchLevel no | |
125 #UseDNS yes | |
126 UseDNS yes | |
127 #PidFile /var/run/sshd.pid | |
128 #MaxStartups 10:30:100 | |
129 #MaxSessions 10 | |
130 | |
131 #PermitTunnel no | |
132 PermitTunnel no | |
133 #ChrootDirectory none | |
134 | |
135 # no default banner path | |
136 #Banner none | |
137 Banner none | |
138 | |
139 # override default of no subsystems | |
140 Subsystem sftp /usr/lib/openssh/sftp-server | |
141 |