34 lines
688 B
Django/Jinja
34 lines
688 B
Django/Jinja
Banner /etc/issue.net
|
|
PrintMOTD no
|
|
|
|
Port {{ ssh_port | default(22) }}
|
|
Protocol 2
|
|
|
|
# Authentication:
|
|
AllowUsers {{ ssh_users | default("noahk ansible") }}
|
|
ChallengeResponseAuthentication no
|
|
HostbasedAuthentication no
|
|
LoginGraceTime 120
|
|
PasswordAuthentication {{ passwd_auth | default("no") }}
|
|
PermitEmptyPasswords no
|
|
PermitRootLogin no
|
|
PubkeyAuthentication yes
|
|
StrictModes yes
|
|
UsePAM yes
|
|
|
|
# Security
|
|
HostKey /etc/ssh/ssh_host_dsa_key
|
|
HostKey /etc/ssh/ssh_host_ecdsa_key
|
|
HostKey /etc/ssh/ssh_host_ed25519_key
|
|
HostKey /etc/ssh/ssh_host_rsa_key
|
|
IgnoreRhosts yes
|
|
|
|
# Misc. options
|
|
AcceptEnv LANG LC_*
|
|
TCPKeepAlive yes
|
|
Subsystem sftp {{ sftp_path }}
|
|
|
|
# Logging
|
|
SyslogFacility AUTH
|
|
LogLevel INFO
|