removed deprecated options (#150)
This commit is contained in:
parent
cf3b048230
commit
d9653889fa
|
@ -90,10 +90,6 @@
|
||||||
{#- Privilege Separation is turned on for security -#}
|
{#- Privilege Separation is turned on for security -#}
|
||||||
{{- option('UsePrivilegeSeparation') -}}
|
{{- option('UsePrivilegeSeparation') -}}
|
||||||
|
|
||||||
{#- Lifetime and size of ephemeral version 1 server key -#}
|
|
||||||
{{- option('KeyRegenerationInterval') -}}
|
|
||||||
{{- option('ServerKeyBits') -}}
|
|
||||||
|
|
||||||
{#- Logging -#}
|
{#- Logging -#}
|
||||||
{{- option('SyslogFacility') -}}
|
{{- option('SyslogFacility') -}}
|
||||||
{{- option('LogLevel') -}}
|
{{- option('LogLevel') -}}
|
||||||
|
@ -109,8 +105,6 @@
|
||||||
{{- option('MaxAuthTries') -}}
|
{{- option('MaxAuthTries') -}}
|
||||||
{{- option('MaxSessions') -}}
|
{{- option('MaxSessions') -}}
|
||||||
|
|
||||||
{{- option('DSAAuthentication') -}}
|
|
||||||
{{- option('RSAAuthentication') -}}
|
|
||||||
{{- option('PubkeyAuthentication') -}}
|
{{- option('PubkeyAuthentication') -}}
|
||||||
{{- option('AuthorizedKeysFile') -}}
|
{{- option('AuthorizedKeysFile') -}}
|
||||||
{{- option('AuthorizedKeysCommand') -}}
|
{{- option('AuthorizedKeysCommand') -}}
|
||||||
|
@ -118,8 +112,6 @@
|
||||||
|
|
||||||
{#- Don't read the user's ~/.rhosts and ~/.shosts files -#}
|
{#- Don't read the user's ~/.rhosts and ~/.shosts files -#}
|
||||||
{{- option('IgnoreRhosts') -}}
|
{{- option('IgnoreRhosts') -}}
|
||||||
{#- For this to work you will also need host keys in /etc/ssh_known_hosts -#}
|
|
||||||
{{- option('RhostsRSAAuthentication') -}}
|
|
||||||
{#- similar for protocol version 2 -#}
|
{#- similar for protocol version 2 -#}
|
||||||
{{- option('HostbasedAuthentication') -}}
|
{{- option('HostbasedAuthentication') -}}
|
||||||
{#- Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication -#}
|
{#- Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication -#}
|
||||||
|
|
|
@ -12,8 +12,6 @@ sshd_config:
|
||||||
- /etc/ssh/ssh_host_ecdsa_key
|
- /etc/ssh/ssh_host_ecdsa_key
|
||||||
- /etc/ssh/ssh_host_ed25519_key
|
- /etc/ssh/ssh_host_ed25519_key
|
||||||
UsePrivilegeSeparation: 'sandbox'
|
UsePrivilegeSeparation: 'sandbox'
|
||||||
KeyRegenerationInterval: 3600
|
|
||||||
ServerKeyBits: 1024
|
|
||||||
SyslogFacility: AUTH
|
SyslogFacility: AUTH
|
||||||
LogLevel: INFO
|
LogLevel: INFO
|
||||||
ClientAliveInterval: 0
|
ClientAliveInterval: 0
|
||||||
|
@ -24,12 +22,10 @@ sshd_config:
|
||||||
StrictModes: 'yes'
|
StrictModes: 'yes'
|
||||||
MaxAuthTries: 6
|
MaxAuthTries: 6
|
||||||
MaxSessions: 10
|
MaxSessions: 10
|
||||||
RSAAuthentication: 'yes'
|
|
||||||
PubkeyAuthentication: 'yes'
|
PubkeyAuthentication: 'yes'
|
||||||
AuthorizedKeysCommand: '/usr/bin/sss_ssh_authorizedkeys'
|
AuthorizedKeysCommand: '/usr/bin/sss_ssh_authorizedkeys'
|
||||||
AuthorizedKeysCommandUser: 'nobody'
|
AuthorizedKeysCommandUser: 'nobody'
|
||||||
IgnoreRhosts: 'yes'
|
IgnoreRhosts: 'yes'
|
||||||
RhostsRSAAuthentication: 'no'
|
|
||||||
HostbasedAuthentication: 'no'
|
HostbasedAuthentication: 'no'
|
||||||
PermitEmptyPasswords: 'no'
|
PermitEmptyPasswords: 'no'
|
||||||
ChallengeResponseAuthentication: 'no'
|
ChallengeResponseAuthentication: 'no'
|
||||||
|
|
Loading…
Reference in New Issue