Malte
a87f5083e8
internal sftp-server is needed according to https://serverfault.com/questions/354615/allow-sftp-but-disallow-ssh as we want add a user who is only able to upload files in a chroot environment
15 lines
668 B
Django/Jinja
15 lines
668 B
Django/Jinja
Port {{ salt['pillar.get']('basics:ssh:port', 22) }}
|
|
PermitRootLogin {{ salt['pillar.get']('basics:ssh:permit_root_login', 'yes') }}
|
|
MaxSessions 1
|
|
PubkeyAuthentication {{ salt['pillar.get']('basics:ssh:pubkey_authentication', 'yes') }}
|
|
HostbasedAuthentication no
|
|
IgnoreRhosts yes
|
|
PasswordAuthentication {{ salt['pillar.get']('basics:ssh:password_authentication', 'no') }}
|
|
ChallengeResponseAuthentication no
|
|
UsePAM yes
|
|
AllowTcpForwarding {{ salt['pillar.get']('basics:ssh:allow_tcp_forwarding', 'no') }}
|
|
X11Forwarding {{ salt['pillar.get']('basics:ssh:x11_forwarding', 'no') }}
|
|
PrintMotd no
|
|
MaxStartups 5:50:30
|
|
AcceptEnv LANG LC_*
|
|
Subsystem sftp internal-sftp
|