docs(system/sshd): document variables

Signed-off-by: Matej Focko <me@mfocko.xyz>
This commit is contained in:
Matej Focko 2024-07-12 14:52:31 +02:00
parent d5e843f088
commit c116552ab8
Signed by: mfocko
SSH key fingerprint: SHA256:icm0fIOSJUpy5+1x23sfr+hLtF9UhY8VpMC7H4WFJP8

View file

@ -1,7 +1,15 @@
---
system_sshd_port: 10022
system_sshd_sign_host_keys: true
system_sshd_auth_permit_root_login: "no"
# Whether to accept password auth; yes or no
system_sshd_auth_password_authentication: "no"
# Whether to allow root login; yes or no
system_sshd_auth_permit_root_login: "no"
# Whether to setup trusted CA (against the HashiCorp Vault instance)
system_sshd_auth_trusted_ca: true
# Default port where the SSH daemon runs; also adjusts the SELinux policy
system_sshd_port: 10022
# [TODO]: Whether to sign the host keys (against the HashiCorp Vault instance)
system_sshd_sign_host_keys: true