Created
January 23, 2022 18:51
-
-
Save Job79/607215571ee44326ff8f08c6d36f36b5 to your computer and use it in GitHub Desktop.
Secure public key only openssh daemon configuration.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Restrict SSH usage | |
| AllowGroups ssh | |
| AuthorizedKeysFile .ssh/authorized_keys | |
| # Ciphers | |
| RekeyLimit 512M 1H | |
| KexAlgorithms curve25519-sha256@libssh.org | |
| Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com | |
| MACs hmac-sha2-512-etm@openssh.com | |
| HostKeyAlgorithms ssh-ed25519 | |
| # Authentication | |
| PasswordAuthentication no | |
| ChallengeResponseAuthentication no | |
| PubkeyAuthentication yes | |
| # Limit sessions | |
| MaxAuthTries 2 | |
| MaxSessions 5 | |
| ClientAliveInterval 30 | |
| ClientAliveCountMax 6 | |
| AllowAgentForwarding no | |
| AllowTcpForwarding no | |
| X11Forwarding no | |
| PrintMotd no |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment