ansible-edda/playbooks/filesystem/common/etc/ssh/sshd_config.d/00-local.conf.j2

21 lines
566 B
Django/Jinja

# Yggdrasil SSH daemon configuration. Note that sshd_config(5) states "For each keyword, the first
# obtained value will be used." This is why, despite files > 00 being read later, settings
# configured in this file are retained.
Port {{ ansible_port }}
# Completely disable root login via ssh.
PermitRootLogin no
# Explicitly set the list of allowed ssh users.
AllowUsers {{ ssh_user }}
# SSH enabled only via ssh-key.
PasswordAuthentication no
# No X window forwarding.
X11Forwarding no
# Check in with the client every now and then.
ClientAliveInterval 120