Oauth proxy and monitoring init

author: Elizabeth Hunt <me@liz.coffee> 2025-08-11 18:39:55 -0700
committer: Elizabeth Hunt <me@liz.coffee> 2025-08-11 18:39:55 -0700
commit: 08e92ca3b8ee6c38c3e19126378e51b46cf63b16 (patch)
tree: 6e9c0e0f394d645cea4208bcfab7e1d98d329e0e /playbooks/roles/common/templates/sshd_config
parent: 4f90a2fc5fd134b27c2f0e32a5f1192003d3f0cf (diff)
download: infra-08e92ca3b8ee6c38c3e19126378e51b46cf63b16.tar.gz
infra-08e92ca3b8ee6c38c3e19126378e51b46cf63b16.zip
1 files changed, 21 insertions, 0 deletions
diff --git a/playbooks/roles/common/templates/sshd_config b/playbooks/roles/common/templates/sshd_config
new file mode 100644
index 0000000..239a0c0
--- /dev/null
+++ b/playbooks/roles/common/templates/sshd_config
@@ -0,0 +1,21 @@
+Include /etc/ssh/sshd_config.d/*.conf
+
+Port 22
+PermitRootLogin no
+PubkeyAuthentication yes
+PasswordAuthentication no
+
+KbdInteractiveAuthentication no
+
+UsePAM yes
+
+AllowAgentForwarding yes
+X11Forwarding no
+PrintMotd no
+PrintLastLog yes
+TCPKeepAlive yes
+ClientAliveInterval 300
+ClientAliveCountMax 1
+
+AcceptEnv LANG LC_*
+Subsystem	sftp	/usr/lib/openssh/sftp-server
author	Elizabeth Hunt <me@liz.coffee>	2025-08-11 18:39:55 -0700
committer	Elizabeth Hunt <me@liz.coffee>	2025-08-11 18:39:55 -0700
commit	08e92ca3b8ee6c38c3e19126378e51b46cf63b16 (patch)
tree	6e9c0e0f394d645cea4208bcfab7e1d98d329e0e /playbooks/roles/common/templates/sshd_config
parent	4f90a2fc5fd134b27c2f0e32a5f1192003d3f0cf (diff)
download	infra-08e92ca3b8ee6c38c3e19126378e51b46cf63b16.tar.gz infra-08e92ca3b8ee6c38c3e19126378e51b46cf63b16.zip