From ec3e451e318834e69426d224df37ed4869f629f5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thorben=20G=C3=BCnther?= Date: Sat, 19 Aug 2023 01:32:21 +0200 Subject: [PATCH] ssh: Update sshd_config Arch Linux sets their custom settings in a different file now. --- roles/ssh/templates/sshd_config.j2 | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/roles/ssh/templates/sshd_config.j2 b/roles/ssh/templates/sshd_config.j2 index f3dfa3f..1072b74 100644 --- a/roles/ssh/templates/sshd_config.j2 +++ b/roles/ssh/templates/sshd_config.j2 @@ -1,4 +1,6 @@ -# $OpenBSD: sshd_config,v 1.104 2021/07/02 05:11:21 dtucker Exp $ +# TODO: Only do this on Arch Linux +# Include drop-in configurations +Include /etc/ssh/sshd_config.d/*.conf # This is the sshd server system-wide configuration file. See # sshd_config(5) for more information. @@ -67,7 +69,7 @@ PasswordAuthentication no #PermitEmptyPasswords no # Change to no to disable s/key passwords -KbdInteractiveAuthentication no +#KbdInteractiveAuthentication yes # Kerberos options #KerberosAuthentication no @@ -88,7 +90,7 @@ KbdInteractiveAuthentication no # If you just want the PAM account and session checks to run without # PAM authentication, then enable this but set PasswordAuthentication # and KbdInteractiveAuthentication to 'no'. -UsePAM yes +#UsePAM no #AllowAgentForwarding yes #AllowTcpForwarding yes @@ -97,7 +99,7 @@ UsePAM yes #X11DisplayOffset 10 #X11UseLocalhost yes #PermitTTY yes -PrintMotd no +#PrintMotd yes #PrintLastLog yes #TCPKeepAlive yes #PermitUserEnvironment no -- 2.44.0