Updates

author: Elizabeth Hunt <me@liz.coffee> 2025-07-20 22:08:30 -0700
committer: Elizabeth Hunt <me@liz.coffee> 2025-07-20 22:08:30 -0700
commit: d41dcde0556c425a959961c47db7aa1044182a84 (patch)
tree: fb00321acc11472373087eaf69415748b6fbd389 /fs/etc/ssh
parent: dbad03a65449c798ac8bccaf806dbdef8a360689 (diff)
download: archinstall-d41dcde0556c425a959961c47db7aa1044182a84.tar.gz
archinstall-d41dcde0556c425a959961c47db7aa1044182a84.zip
1 files changed, 30 insertions, 0 deletions
diff --git a/fs/etc/ssh/sshd_config b/fs/etc/ssh/sshd_config
new file mode 100644
index 0000000..dec99a1
--- /dev/null
+++ b/fs/etc/ssh/sshd_config
@@ -0,0 +1,30 @@
+Include /etc/ssh/sshd_config.d/*.conf
+
+Port 22
+
+PermitRootLogin no
+PermitEmptyPasswords no
+PasswordAuthentication no
+
+PubkeyAuthentication yes
+UsePAM yes
+AuthorizedKeysCommand /usr/sbin/kanidm_ssh_authorizedkeys %u
+AuthorizedKeysCommandUser nobody
+
+KbdInteractiveAuthentication no
+GSSAPIAuthentication no
+KerberosAuthentication no
+
+AllowAgentForwarding yes
+X11Forwarding no
+
+PrintMotd no
+PrintLastLog yes
+
+AcceptEnv LANG LC_*
+Subsystem       sftp    /usr/lib/openssh/sftp-server
+
+TCPKeepAlive yes
+ClientAliveInterval 300
+ClientAliveCountMax 1
+
author	Elizabeth Hunt <me@liz.coffee>	2025-07-20 22:08:30 -0700
committer	Elizabeth Hunt <me@liz.coffee>	2025-07-20 22:08:30 -0700
commit	d41dcde0556c425a959961c47db7aa1044182a84 (patch)
tree	fb00321acc11472373087eaf69415748b6fbd389 /fs/etc/ssh
parent	dbad03a65449c798ac8bccaf806dbdef8a360689 (diff)
download	archinstall-d41dcde0556c425a959961c47db7aa1044182a84.tar.gz archinstall-d41dcde0556c425a959961c47db7aa1044182a84.zip