Commit Graph

7 Commits

Author SHA1 Message Date
5c39f1abd8
roles/common: minor changes to Debian sshd_config files 2023-08-10 22:10:04 +02:00
6794eb0432
roles/common: default to disabling SSH passwords 2023-08-10 22:09:03 +02:00
d280859b0d
roles/common: minor updates to Debian 11 sshd_config 2023-08-09 21:55:04 +02:00
65e6dd34cd
roles/common: Add missing section to Debian 11 sshd_config
We need to be able to configure the list of SSH users.
2021-09-27 12:59:27 +03:00
0bad75788d
roles/common: Add encryption settings to Debian 11 sshd_config
Mostly based on the ssh-audit policy for OpenSSH 8.4, but with any
algorithms using less than 256 bits removed. NSA's Suite B removed
these long ago, and the new CNSA suite only uses 256 and up.

See: https://github.com/jtesta/ssh-audit/blob/master/src/ssh_audit/policy.py
See: https://en.wikipedia.org/wiki/Commercial_National_Security_Algorithm_Suite
2021-07-24 22:28:59 +03:00
892033b880
roles/common: port common settings to Debian 11 sshd_config
Still need to add the encryption settings.
2021-07-22 14:16:20 +03:00
7c6ab2a652 roles/common: Add sshd_config from Debian 11 RC2 2021-07-22 14:15:00 +03:00