diff --git a/ssh-server.txt b/ssh-server.txt new file mode 100644 index 0000000..4f24d7a --- /dev/null +++ b/ssh-server.txt @@ -0,0 +1,46 @@ +/etc/ssh/sshd_config +---------------------- + +AcceptEnv no +AddressFamily inet +AllowAgentForwarding yes +AllowTcpForwarding yes +Banner /etc/issue.net +ChallengeResponseAuthentication no +Ciphers aes256-cbc,aes256-ctr +DebianBanner no +HostKey /etc/ssh/ssh_host_dsa_key +HostKey /etc/ssh/ssh_host_rsa_key +HostbasedAuthentication no +HostbasedUsesNameFromPacketOnly yes +IgnoreRhosts yes +KeyRegenerationInterval 3600 +LogLevel INFO +LoginGraceTime 30 +MACs hmac-md5,hmac-sha1 +MaxAuthTries 3 +MaxStartups 2 +PermitEmptyPasswords no +PermitRootLogin no +PermitUserEnvironment no +Port 22 +PrintLastLog yes +PrintMotd no +Protocol 2 +PubkeyAuthentication yes +RSAAuthentication yes +RhostsRSAAuthentication no +ServerKeyBits 768 +StrictModes yes +Subsystem sftp /usr/lib/openssh/sftp-server +TCPKeepAlive yes +UseDNS no +UsePAM yes +UsePrivilegeSeparation yes +X11DisplayOffset 10 +X11Forwarding yes + +# DenyUsers user1 user2 user3 +# DenyGroups group1 group2 +# AllowUsers user1 user2 +# AllowGroups group1 group2