diff options
Diffstat (limited to 'images/git/gitolite/sshd_config')
-rw-r--r-- | images/git/gitolite/sshd_config | 55 |
1 files changed, 55 insertions, 0 deletions
diff --git a/images/git/gitolite/sshd_config b/images/git/gitolite/sshd_config new file mode 100644 index 0000000..15b448f --- /dev/null +++ b/images/git/gitolite/sshd_config @@ -0,0 +1,55 @@ +# Package generated configuration file +# See the sshd_config(5) manpage for details + +# What ports, IPs and protocols we listen for +Port 22 +# Use these options to restrict which interfaces/protocols sshd will bind to +#ListenAddress :: +#ListenAddress 0.0.0.0 +Protocol 2 +# HostKeys for protocol version 2 +HostKey /data/ssh/host_rsa_key +HostKey /data/ssh/host_dsa_key +HostKey /data/ssh/host_ecdsa_key +HostKey /data/ssh/host_ed25519_key +#Privilege Separation is turned on for security +UsePrivilegeSeparation yes + +# Logging +SyslogFacility AUTH +LogLevel VERBOSE + +# Authentication: +LoginGraceTime 120 +PermitRootLogin no +StrictModes yes + +PubkeyAuthentication yes +AuthorizedKeysFile /data/git/.ssh/authorized_keys + +# Don't read the user's ~/.rhosts and ~/.shosts files +IgnoreRhosts yes +# similar for protocol version 2 +HostbasedAuthentication no +# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication +#IgnoreUserKnownHosts yes + +# To enable empty passwords, change to yes (NOT RECOMMENDED) +PermitEmptyPasswords no + +# Change to yes to enable challenge-response passwords (beware issues with +# some PAM modules and threads) +ChallengeResponseAuthentication no + +# Change to no to disable tunnelled clear text passwords +PasswordAuthentication no + +X11Forwarding no +PrintMotd no +TCPKeepAlive yes +#UseLogin no + +# Allow client to pass locale environment variables +AcceptEnv LANG LC_* + +# Subsystem sftp /usr/lib/openssh/sftp-server |