Mercurial > repos > other > Puppet
comparison modules/ssh/spec/fixtures/sshd_config_suse_x86_64 @ 385:d9009f54eb23
Migrate to a fully-fledged SSH module
This handles lots of the server path differences for us
| author | IBBoard <dev@ibboard.co.uk> |
|---|---|
| date | Mon, 03 Jan 2022 17:05:54 +0000 |
| parents | |
| children |
comparison
equal
deleted
inserted
replaced
| 384:22e45bb5ea97 | 385:d9009f54eb23 |
|---|---|
| 1 # This file is being maintained by Puppet. | |
| 2 # DO NOT EDIT | |
| 3 | |
| 4 # $OpenBSD: sshd_config,v 1.73 2005/12/06 22:38:28 reyk Exp $ | |
| 5 | |
| 6 # This is the sshd server system-wide configuration file. See | |
| 7 # sshd_config(5) for more information. | |
| 8 | |
| 9 # This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin | |
| 10 | |
| 11 # The strategy used for options in the default sshd_config shipped with | |
| 12 # OpenSSH is to specify options with their default value where | |
| 13 # possible, but leave them commented. Uncommented options change a | |
| 14 # default value. | |
| 15 | |
| 16 #Port 22 | |
| 17 Port 22 | |
| 18 #Protocol 2,1 | |
| 19 Protocol 2 | |
| 20 #AddressFamily any | |
| 21 AddressFamily any | |
| 22 | |
| 23 # HostKey for protocol version 1 | |
| 24 #HostKey /etc/ssh/ssh_host_key | |
| 25 # HostKeys for protocol version 2 | |
| 26 #HostKey /etc/ssh/ssh_host_rsa_key | |
| 27 #HostKey /etc/ssh/ssh_host_dsa_key | |
| 28 HostKey /etc/ssh/ssh_host_rsa_key | |
| 29 | |
| 30 # Lifetime and size of ephemeral version 1 server key | |
| 31 #KeyRegenerationInterval 1h | |
| 32 #ServerKeyBits 1024 | |
| 33 ServerKeyBits 1024 | |
| 34 # Logging | |
| 35 # obsoletes QuietMode and FascistLogging | |
| 36 #SyslogFacility AUTH | |
| 37 SyslogFacility AUTH | |
| 38 #LogLevel INFO | |
| 39 LogLevel INFO | |
| 40 | |
| 41 # Authentication: | |
| 42 | |
| 43 #LoginGraceTime 120 | |
| 44 LoginGraceTime 120 | |
| 45 #PermitRootLogin yes | |
| 46 PermitRootLogin yes | |
| 47 #StrictModes yes | |
| 48 #MaxAuthTries 6 | |
| 49 | |
| 50 #RSAAuthentication yes | |
| 51 #PubkeyAuthentication yes | |
| 52 PubkeyAuthentication yes | |
| 53 #AuthorizedKeysFile .ssh/authorized_keys | |
| 54 | |
| 55 # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts | |
| 56 #RhostsRSAAuthentication no | |
| 57 # similar for protocol version 2 | |
| 58 #HostbasedAuthentication no | |
| 59 HostbasedAuthentication no | |
| 60 # Change to yes if you don't trust ~/.ssh/known_hosts for | |
| 61 # RhostsRSAAuthentication and HostbasedAuthentication | |
| 62 #IgnoreUserKnownHosts no | |
| 63 IgnoreUserKnownHosts no | |
| 64 # Don't read the user's ~/.rhosts and ~/.shosts files | |
| 65 #IgnoreRhosts yes | |
| 66 IgnoreRhosts yes | |
| 67 | |
| 68 # To disable tunneled clear text passwords, change to no here! | |
| 69 #PasswordAuthentication yes | |
| 70 PasswordAuthentication yes | |
| 71 #PermitEmptyPasswords no | |
| 72 | |
| 73 # Change to no to disable s/key passwords | |
| 74 #ChallengeResponseAuthentication yes | |
| 75 ChallengeResponseAuthentication yes | |
| 76 | |
| 77 # Kerberos options | |
| 78 #KerberosOrLocalPasswd yes | |
| 79 #KerberosTicketCleanup yes | |
| 80 #KerberosGetAFSToken no | |
| 81 | |
| 82 # GSSAPI options | |
| 83 #GSSAPIAuthentication no | |
| 84 GSSAPIAuthentication yes | |
| 85 #GSSAPICleanupCredentials yes | |
| 86 GSSAPICleanupCredentials yes | |
| 87 | |
| 88 # Set this to 'yes' to enable PAM authentication, account processing, | |
| 89 # and session processing. If this is enabled, PAM authentication will | |
| 90 # be allowed through the ChallengeResponseAuthentication mechanism. | |
| 91 # Depending on your PAM configuration, this may bypass the setting of | |
| 92 # PasswordAuthentication, PermitEmptyPasswords, and | |
| 93 # "PermitRootLogin without-password". If you just want the PAM account and | |
| 94 # session checks to run without PAM authentication, then enable this but set | |
| 95 # ChallengeResponseAuthentication=no | |
| 96 #UsePAM no | |
| 97 UsePAM yes | |
| 98 | |
| 99 # Accept locale-related environment variables | |
| 100 AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES | |
| 101 AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT | |
| 102 AcceptEnv LC_IDENTIFICATION LC_ALL | |
| 103 #AllowTcpForwarding yes | |
| 104 AllowTcpForwarding yes | |
| 105 #GatewayPorts no | |
| 106 #X11Forwarding no | |
| 107 X11Forwarding yes | |
| 108 #X11DisplayOffset 10 | |
| 109 #X11UseLocalhost yes | |
| 110 X11UseLocalhost yes | |
| 111 #PrintMotd yes | |
| 112 PrintMotd yes | |
| 113 #PrintLastLog yes | |
| 114 #TCPKeepAlive yes | |
| 115 TCPKeepAlive yes | |
| 116 #UseLogin no | |
| 117 #UsePrivilegeSeparation yes | |
| 118 #PermitUserEnvironment no | |
| 119 #Compression delayed | |
| 120 #ClientAliveInterval 0 | |
| 121 ClientAliveInterval 0 | |
| 122 ClientAliveCountMax 3 | |
| 123 #ShowPatchLevel no | |
| 124 #UseDNS yes | |
| 125 UseDNS yes | |
| 126 #PidFile /var/run/sshd.pid | |
| 127 #MaxStartups 10:30:100 | |
| 128 #MaxSessions 10 | |
| 129 | |
| 130 #PermitTunnel no | |
| 131 PermitTunnel no | |
| 132 #ChrootDirectory none | |
| 133 | |
| 134 # no default banner path | |
| 135 #Banner none | |
| 136 Banner none | |
| 137 | |
| 138 #XAuthLocation /usr/bin/xauth | |
| 139 XAuthLocation /usr/bin/xauth | |
| 140 | |
| 141 # override default of no subsystems | |
| 142 Subsystem sftp /usr/lib64/ssh/sftp-server | |
| 143 |