Stricter sshd config
This commit is contained in:
Pierre Ozoux
GitHub
parent
e76505cda8
commit
b0440ddb79
1 changed files with 11 additions and 0 deletions
11
user_data
11
user_data
|
|
@ -1,6 +1,17 @@
|
||||||
#cloud-config
|
#cloud-config
|
||||||
|
|
||||||
write_files:
|
write_files:
|
||||||
|
- path: /etc/ssh/sshd_config
|
||||||
|
permissions: 0600
|
||||||
|
owner: root:root
|
||||||
|
content: |
|
||||||
|
# Use most defaults for sshd configuration.
|
||||||
|
UsePrivilegeSeparation sandbox
|
||||||
|
Subsystem sftp internal-sftp
|
||||||
|
PermitRootLogin no
|
||||||
|
AllowUsers core
|
||||||
|
PasswordAuthentication no
|
||||||
|
ChallengeResponseAuthentication no
|
||||||
- path: /etc/sysctl.d/libresh.conf
|
- path: /etc/sysctl.d/libresh.conf
|
||||||
permissions: 0644
|
permissions: 0644
|
||||||
owner: root
|
owner: root
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue