Include /etc/ssh/sshd_config.d/*.conf

Port 22

PermitRootLogin no
PermitEmptyPasswords no
PasswordAuthentication no

PubkeyAuthentication yes
UsePAM yes
AuthorizedKeysCommand /usr/sbin/kanidm_ssh_authorizedkeys %u
AuthorizedKeysCommandUser nobody

KbdInteractiveAuthentication no
GSSAPIAuthentication no
KerberosAuthentication no

AllowAgentForwarding yes
X11Forwarding no

PrintMotd no
PrintLastLog yes

AcceptEnv LANG LC_*
Subsystem       sftp    /usr/lib/openssh/sftp-server

TCPKeepAlive yes
ClientAliveInterval 300
ClientAliveCountMax 1