From 6ac701886a1f207e2a768cd081f05c20b97f8211 Mon Sep 17 00:00:00 2001 From: kairee Date: Thu, 30 Sep 2021 07:57:41 +0000 Subject: [PATCH] feat: update sshd_config - AddressFamily from inet to any - Allow root login with authorized keys --- etc/ssh/sshd_config | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/etc/ssh/sshd_config b/etc/ssh/sshd_config index 92b3e99..ae7f65b 100644 --- a/etc/ssh/sshd_config +++ b/etc/ssh/sshd_config @@ -1,9 +1,10 @@ Port 46571 -AddressFamily inet +AddressFamily any Protocol 2 HostKey /etc/ssh/ssh_host_ecdsa_key +HostKey /etc/ssh/ssh_host_ed25519_key SyslogFacility AUTHPRIV -PermitRootLogin no +PermitRootLogin prohibit-password AuthorizedKeysFile .ssh/authorized_keys PasswordAuthentication no ChallengeResponseAuthentication no @@ -17,11 +18,8 @@ TCPKeepAlive yes ClientAliveInterval 60 UseDNS no PrintMotd no -AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES -AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT -AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE -AcceptEnv XMODIFIERS -Subsystem sftp /usr/libexec/openssh/sftp-server +AcceptEnv LANG LC_* +Subsystem sftp /usr/lib/openssh/sftp-server Match User kairee PasswordAuthentication yes \ No newline at end of file