Mercurial > repos > other > Puppet
comparison modules/ssh/spec/fixtures/sshd_config_rhel @ 385:d9009f54eb23
Migrate to a fully-fledged SSH module
This handles lots of the server path differences for us
author | IBBoard <dev@ibboard.co.uk> |
---|---|
date | Mon, 03 Jan 2022 17:05:54 +0000 |
parents | |
children |
comparison
equal
deleted
inserted
replaced
384:22e45bb5ea97 | 385:d9009f54eb23 |
---|---|
1 # This file is being maintained by Puppet. | |
2 # DO NOT EDIT | |
3 | |
4 # $OpenBSD: sshd_config,v 1.73 2005/12/06 22:38:28 reyk Exp $ | |
5 | |
6 # This is the sshd server system-wide configuration file. See | |
7 # sshd_config(5) for more information. | |
8 | |
9 # This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin | |
10 | |
11 # The strategy used for options in the default sshd_config shipped with | |
12 # OpenSSH is to specify options with their default value where | |
13 # possible, but leave them commented. Uncommented options change a | |
14 # default value. | |
15 | |
16 #Port 22 | |
17 Port 22 | |
18 #Protocol 2,1 | |
19 Protocol 2 | |
20 #AddressFamily any | |
21 AddressFamily any | |
22 | |
23 # HostKey for protocol version 1 | |
24 #HostKey /etc/ssh/ssh_host_key | |
25 # HostKeys for protocol version 2 | |
26 #HostKey /etc/ssh/ssh_host_rsa_key | |
27 #HostKey /etc/ssh/ssh_host_dsa_key | |
28 HostKey /etc/ssh/ssh_host_rsa_key | |
29 | |
30 # Lifetime and size of ephemeral version 1 server key | |
31 #KeyRegenerationInterval 1h | |
32 #ServerKeyBits 1024 | |
33 ServerKeyBits 1024 | |
34 # Logging | |
35 # obsoletes QuietMode and FascistLogging | |
36 #SyslogFacility AUTH | |
37 SyslogFacility AUTH | |
38 #LogLevel INFO | |
39 LogLevel INFO | |
40 | |
41 # Authentication: | |
42 | |
43 #LoginGraceTime 120 | |
44 LoginGraceTime 120 | |
45 #PermitRootLogin yes | |
46 PermitRootLogin yes | |
47 #StrictModes yes | |
48 #MaxAuthTries 6 | |
49 | |
50 #RSAAuthentication yes | |
51 #PubkeyAuthentication yes | |
52 PubkeyAuthentication yes | |
53 #AuthorizedKeysFile .ssh/authorized_keys | |
54 | |
55 # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts | |
56 #RhostsRSAAuthentication no | |
57 # similar for protocol version 2 | |
58 #HostbasedAuthentication no | |
59 HostbasedAuthentication no | |
60 # Change to yes if you don't trust ~/.ssh/known_hosts for | |
61 # RhostsRSAAuthentication and HostbasedAuthentication | |
62 #IgnoreUserKnownHosts no | |
63 IgnoreUserKnownHosts no | |
64 # Don't read the user's ~/.rhosts and ~/.shosts files | |
65 #IgnoreRhosts yes | |
66 IgnoreRhosts yes | |
67 | |
68 # To disable tunneled clear text passwords, change to no here! | |
69 #PasswordAuthentication yes | |
70 PasswordAuthentication yes | |
71 #PermitEmptyPasswords no | |
72 | |
73 # Change to no to disable s/key passwords | |
74 #ChallengeResponseAuthentication yes | |
75 ChallengeResponseAuthentication yes | |
76 | |
77 # Kerberos options | |
78 #KerberosOrLocalPasswd yes | |
79 #KerberosTicketCleanup yes | |
80 #KerberosGetAFSToken no | |
81 | |
82 # GSSAPI options | |
83 #GSSAPIAuthentication no | |
84 GSSAPIAuthentication yes | |
85 #GSSAPICleanupCredentials yes | |
86 GSSAPICleanupCredentials yes | |
87 | |
88 # Set this to 'yes' to enable PAM authentication, account processing, | |
89 # and session processing. If this is enabled, PAM authentication will | |
90 # be allowed through the ChallengeResponseAuthentication mechanism. | |
91 # Depending on your PAM configuration, this may bypass the setting of | |
92 # PasswordAuthentication, PermitEmptyPasswords, and | |
93 # "PermitRootLogin without-password". If you just want the PAM account and | |
94 # session checks to run without PAM authentication, then enable this but set | |
95 # ChallengeResponseAuthentication=no | |
96 #UsePAM no | |
97 UsePAM yes | |
98 | |
99 # Accept locale-related environment variables | |
100 AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES | |
101 AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT | |
102 AcceptEnv LC_IDENTIFICATION LC_ALL | |
103 #AllowTcpForwarding yes | |
104 AllowTcpForwarding yes | |
105 #GatewayPorts no | |
106 #X11Forwarding no | |
107 X11Forwarding yes | |
108 #X11DisplayOffset 10 | |
109 #X11UseLocalhost yes | |
110 X11UseLocalhost yes | |
111 #PrintMotd yes | |
112 PrintMotd yes | |
113 #PrintLastLog yes | |
114 #TCPKeepAlive yes | |
115 TCPKeepAlive yes | |
116 #UseLogin no | |
117 #UsePrivilegeSeparation yes | |
118 #PermitUserEnvironment no | |
119 #Compression delayed | |
120 #ClientAliveInterval 0 | |
121 ClientAliveInterval 0 | |
122 ClientAliveCountMax 3 | |
123 #ShowPatchLevel no | |
124 #UseDNS yes | |
125 UseDNS yes | |
126 #PidFile /var/run/sshd.pid | |
127 #MaxStartups 10:30:100 | |
128 #MaxSessions 10 | |
129 | |
130 #PermitTunnel no | |
131 PermitTunnel no | |
132 #ChrootDirectory none | |
133 | |
134 # no default banner path | |
135 #Banner none | |
136 Banner none | |
137 | |
138 #XAuthLocation /usr/bin/xauth | |
139 XAuthLocation /usr/bin/xauth | |
140 | |
141 # override default of no subsystems | |
142 Subsystem sftp /usr/libexec/openssh/sftp-server | |
143 |