2023-08-29 11:14:23 +02:00
|
|
|
|
---
|
2024-07-12 14:52:31 +02:00
|
|
|
|
# Whether to accept password auth; ‹yes› or ‹no›
|
2024-12-12 16:10:22 +01:00
|
|
|
|
ssh_server_auth_password_authentication: "no"
|
2023-08-29 11:14:23 +02:00
|
|
|
|
|
2024-07-12 14:52:31 +02:00
|
|
|
|
# Whether to allow ‹root› login; ‹yes› or ‹no›
|
2024-12-12 16:10:22 +01:00
|
|
|
|
ssh_server_auth_permit_root_login: "no"
|
2024-07-12 14:52:31 +02:00
|
|
|
|
|
|
|
|
|
# Whether to setup trusted CA (against the HashiCorp Vault instance)
|
2024-12-12 16:10:22 +01:00
|
|
|
|
ssh_server_auth_trusted_ca: true
|
2024-07-12 14:52:31 +02:00
|
|
|
|
|
|
|
|
|
# Default port where the SSH daemon runs; also adjusts the SELinux policy
|
2024-12-12 16:10:22 +01:00
|
|
|
|
ssh_server_port: 10022
|
2024-07-12 14:52:31 +02:00
|
|
|
|
|
|
|
|
|
# [TODO]: Whether to sign the host keys (against the HashiCorp Vault instance)
|
2024-12-12 16:10:22 +01:00
|
|
|
|
ssh_server_sign_host_keys: true
|