Home Explore Help
Register Sign In
fphammerle
/
docker-ssh-bastion
mirror of https://github.com/fphammerle/docker-ssh-bastion/
1
0
Fork 0
Files Issues 0 Wiki
Branch: master
Branches Tags
docker-ssh-bast...
/
sshd_config

sshd_config 941 B
Permalink History Raw

12345678910111213141516171819202122232425262728293031 
  1. Protocol 2
    2. 

  2. 

  3. # LogLevel VERBOSE
    4. 

  4. 

  5. HostKey /etc/ssh/host_keys/rsa
    6. 

  6. 

  7. # https://cipherli.st/
    8. 

  8. KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256
    9. 

  9. Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
    10. 

  10. MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com
    11. 

  11. 

  12. PermitRootLogin no
    13. 

  13. PubkeyAuthentication yes
    14. 

  14. # > RSA: The length of the modulus n shall be 2048 bits or more to meet the
    15. 

  15. # > minimum security-strength requirement of 112 bits [...]
    16. 

  16. # https://csrc.nist.gov/publications/detail/sp/800-131a/rev-2/final
    17. 

  17. RequiredRSASize 2048
    18. 

  18. PasswordAuthentication no
    19. 

  19. StrictModes no
    20. 

  20. # separated by spaces
    21. 

  21. AllowUsers _
    22. 

  22. 

  23. ForceCommand /bin/false
    24. 

  24. AllowAgentForwarding no
    25. 

  25. AllowTcpForwarding all
    26. 

  26. GatewayPorts no
    27. 

  27. PermitTunnel no
    28. 

  28. X11Forwarding no
    29. 

  29. PermitUserEnvironment no
    30. 

  30. PermitTTY no
    31. 

  31. PrintMotd no
    32.