Last active
May 17, 2019 22:56
-
-
Save hartek/82decb8f0817d1a6ec8a10454e9134c4 to your computer and use it in GitHub Desktop.
Standard secure SSH configuration for a VPS
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Standard SSH configuration by hartek from Follow the White Rabbit (https://www.fwhibbit.es) | |
| # Network configuration | |
| Port 22 # Change this maybe | |
| AddressFamily inet | |
| ListenAddress 0.0.0.0 | |
| #ListenAddress :: | |
| # Authentication | |
| LoginGraceTime 10 | |
| PermitRootLogin no | |
| StrictModes yes | |
| MaxAuthTries 1 | |
| MaxSessions 10 | |
| PubkeyAuthentication yes | |
| HostbasedAuthentication no | |
| PasswordAuthentication no | |
| PermitEmptyPasswords no | |
| ChallengeResponseAuthentication no | |
| KerberosAuthentication no | |
| GSSAPIAuthentication no | |
| UsePAM no | |
| # Forwarding configuration | |
| AllowAgentForwarding no | |
| AllowTcpForwarding no | |
| GatewayPorts no | |
| X11Forwarding no | |
| PrintMotd no | |
| TCPKeepAlive yes | |
| ClientAliveInterval 120 | |
| ClientAliveCountMax 1 | |
| MaxStartups 10:30:100 | |
| PermitTunnel no | |
| # Allow client to pass locale environment variables | |
| AcceptEnv LANG LC_* |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment