diff options
Diffstat (limited to 'files/usr/local/etc/ssh')
| -rw-r--r-- | files/usr/local/etc/ssh/ssh_config.freebsd | 9 | ||||
| l--------- | files/usr/local/etc/ssh/ssh_config.freebsd_hypervisor | 1 | ||||
| -rw-r--r-- | files/usr/local/etc/ssh/ssh_config.no_idm | 1 | ||||
| l--------- | files/usr/local/etc/ssh/ssh_config.roadwarrior_laptop | 1 | ||||
| -rw-r--r-- | files/usr/local/etc/ssh/sshd_config.freebsd | 16 | ||||
| l--------- | files/usr/local/etc/ssh/sshd_config.freebsd_hypervisor | 1 | ||||
| -rw-r--r-- | files/usr/local/etc/ssh/sshd_config.no_idm | 10 |
7 files changed, 39 insertions, 0 deletions
diff --git a/files/usr/local/etc/ssh/ssh_config.freebsd b/files/usr/local/etc/ssh/ssh_config.freebsd new file mode 100644 index 0000000..9be624a --- /dev/null +++ b/files/usr/local/etc/ssh/ssh_config.freebsd @@ -0,0 +1,9 @@ +CanonicalizeHostname always +CanonicalizeMaxDots 0 +CanonicalDomains ${domain} +CanonicalizePermittedCNAMEs *.${domain}:*.${domain} +KnownHostsCommand /usr/local/libexec/idm-ssh-known-hosts %H + +Host *.${domain} + GSSAPIAuthentication yes + GSSAPIDelegateCredentials yes diff --git a/files/usr/local/etc/ssh/ssh_config.freebsd_hypervisor b/files/usr/local/etc/ssh/ssh_config.freebsd_hypervisor new file mode 120000 index 0000000..338cdba --- /dev/null +++ b/files/usr/local/etc/ssh/ssh_config.freebsd_hypervisor @@ -0,0 +1 @@ +ssh_config.no_idm
\ No newline at end of file diff --git a/files/usr/local/etc/ssh/ssh_config.no_idm b/files/usr/local/etc/ssh/ssh_config.no_idm new file mode 100644 index 0000000..97f3ba8 --- /dev/null +++ b/files/usr/local/etc/ssh/ssh_config.no_idm @@ -0,0 +1 @@ +# Intentionally empty. diff --git a/files/usr/local/etc/ssh/ssh_config.roadwarrior_laptop b/files/usr/local/etc/ssh/ssh_config.roadwarrior_laptop new file mode 120000 index 0000000..338cdba --- /dev/null +++ b/files/usr/local/etc/ssh/ssh_config.roadwarrior_laptop @@ -0,0 +1 @@ +ssh_config.no_idm
\ No newline at end of file diff --git a/files/usr/local/etc/ssh/sshd_config.freebsd b/files/usr/local/etc/ssh/sshd_config.freebsd new file mode 100644 index 0000000..df46af6 --- /dev/null +++ b/files/usr/local/etc/ssh/sshd_config.freebsd @@ -0,0 +1,16 @@ +Include /etc/ssh/sshd_config.d/*.conf + +PermitRootLogin prohibit-password +AuthorizedKeysFile .ssh/authorized_keys +AuthorizedKeysCommand /usr/local/libexec/idm-ssh-authorized-keys %u +AuthorizedKeysCommandUser ${ssh_authzkeys_user} + +KbdInteractiveAuthentication no +PasswordAuthentication yes + +GSSAPIAuthentication yes +GSSAPICleanupCredentials yes +UsePAM yes +UseDNS no + +Subsystem sftp /usr/local/libexec/sftp-server diff --git a/files/usr/local/etc/ssh/sshd_config.freebsd_hypervisor b/files/usr/local/etc/ssh/sshd_config.freebsd_hypervisor new file mode 120000 index 0000000..355377d --- /dev/null +++ b/files/usr/local/etc/ssh/sshd_config.freebsd_hypervisor @@ -0,0 +1 @@ +sshd_config.no_idm
\ No newline at end of file diff --git a/files/usr/local/etc/ssh/sshd_config.no_idm b/files/usr/local/etc/ssh/sshd_config.no_idm new file mode 100644 index 0000000..8a15559 --- /dev/null +++ b/files/usr/local/etc/ssh/sshd_config.no_idm @@ -0,0 +1,10 @@ +PermitRootLogin prohibit-password +AuthorizedKeysFile .ssh/authorized_keys + +KbdInteractiveAuthentication no +PasswordAuthentication yes + +UsePAM yes +UseDNS no + +Subsystem sftp /usr/local/libexec/sftp-server |