From ebcc1e2faedc410dc97647fedc780c3b6727c4e9 Mon Sep 17 00:00:00 2001 From: doobry Date: Fri, 4 Aug 2023 12:57:40 +0200 Subject: [PATCH] Minor adjustments to the sshd config file from Bookworm version --- templates/sshd_config.j2 | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/templates/sshd_config.j2 b/templates/sshd_config.j2 index b8e22e6..c33da85 100644 --- a/templates/sshd_config.j2 +++ b/templates/sshd_config.j2 @@ -2,7 +2,7 @@ # This is the sshd server system-wide configuration file. See # sshd_config(5) for more information. -# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin +# This sshd was compiled with PATH=/usr/local/bin:/usr/bin:/bin:/usr/games # The strategy used for options in the default sshd_config shipped with # OpenSSH is to specify options with their default value where @@ -93,13 +93,13 @@ ChallengeResponseAuthentication {{ sshd_challenge_response_authentication }} # Set this to 'yes' to enable PAM authentication, account processing, # and session processing. If this is enabled, PAM authentication will -# be allowed through the ChallengeResponseAuthentication and +# be allowed through the KbdInteractiveAuthentication and # PasswordAuthentication. Depending on your PAM configuration, -# PAM authentication via ChallengeResponseAuthentication may bypass -# the setting of "PermitRootLogin without-password". +# PAM authentication via KbdInteractiveAuthentication may bypass +# the setting of "PermitRootLogin prohibit-password". # If you just want the PAM account and session checks to run without # PAM authentication, then enable this but set PasswordAuthentication -# and ChallengeResponseAuthentication to 'no'. +# and KbdInteractiveAuthentication to 'no'. UsePAM {{ sshd_use_pam }} AllowAgentForwarding {{ sshd_allow_agent_forwarding }} @@ -117,7 +117,7 @@ TCPKeepAlive {{ sshd_tcp_keep_alive }} ClientAliveInterval {{ sshd_client_alive_interval }} ClientAliveCountMax {{ sshd_client_alive_count_max }} UseDNS {{ sshd_use_dns }} -#PidFile /var/run/sshd.pid +#PidFile /run/sshd.pid MaxStartups {{ sshd_max_startups }} #PermitTunnel no #ChrootDirectory none