more ssh hardening bits

2025-06-23 22:34:52 -05:00
parent 4a38cd404f
commit 1a8980afc6
3 changed files with 46 additions and 0 deletions
--- a/13
+++ b/13
@@ -0,0 +1,13 @@
+Include /etc/ssh/sshd_config.d/*.conf
+HostKey /etc/ssh/ssh_host_rsa_key
+HostKey /etc/ssh/ssh_host_ed25519_key
+KbdInteractiveAuthentication no
+X11Forwarding yes
+PrintMotd no
+PasswordAuthentication no
+ChallengeResponseAuthentication no
+Banner none
+AcceptEnv LANG LC_*
+Subsystem       sftp    /usr/lib/openssh/sftp-server
+UsePAM yes
+PermitRootLogin prohibit-password