Add a Default SSH Config and CA

This commit is contained in:
seiichiro 2021-10-31 19:23:50 +01:00
parent 6c21b221b3
commit 864bdacaed
2 changed files with 28 additions and 0 deletions

1
etc/ssh/ssh-ca.pub Normal file
View file

@ -0,0 +1 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH+nJART0HRPz+9ykN6cTQp/ixUoPhbyH01D7SGBXW9Z causer@ca01

27
etc/ssh/sshd_config Normal file
View file

@ -0,0 +1,27 @@
Port 22
Protocol 2
ClientAliveInterval 5
ClientAliveCountMax 2
Compression no
TCPKeepAlive no
X11Forwarding no
IgnoreRhosts yes
LoginGraceTime 1m
PermitRootLogin prohibit-password
MaxAuthTries 3
MaxSessions 5
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
TrustedUserCAKeys /etc/ssh/ssh-ca.pub
PasswordAuthentication no
ChallengeResponseAuthentication no
UsePAM yes
PrintMotd no # pam does that
Subsystem sftp internal-sftp -l INFO