Hardened SSH config

Christian Baer 2023-01-28 13:51:01 +01:00
parent 6bef7d8ad8
commit 5b30c056ed
2 changed files with 11 additions and 4 deletions


@ -20,7 +20,4 @@ chown -R ${USER}:${USER} /config
set -xv set -xv
/usr/sbin/sshd -D -e -4 \ /usr/sbin/sshd -D -e -4
-o "HostKey=${CONFIG_DIR}/ssh_host_rsa_key" \
-o "HostKey=${CONFIG_DIR}/ssh_host_ed25519_key" \
-o "Port=${PORT}" \
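Review bot: With the three `-o` overrides removed from the `sshd` invocation, `${CONFIG_DIR}` and `${PORT}` no longer reach sshd, while the config file in this commit hard-codes the `/config/...` host keys and `Port 2222`. If the part of the script above this hunk still generates host keys under `${CONFIG_DIR}` or treats `PORT` as tunable (not visible here), a deployment that sets either variable would start with missing host keys or listen on an unexpected port. Either drop the variables from the script and its documentation, or fail early before the `sshd` line, e.g. `[ -r /config/ssh_host_ed25519_key ] || { echo "missing host key" >&2; exit 1; }`. The invocation also passes no `-f`, so it depends on the hardened file being installed at sshd's default config path; a comment such as `# reads the default sshd_config; HostKey and Port are set there` would make that explicit.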


@ -1,7 +1,17 @@
PermitRootLogin no
ChallengeResponseAuthentication no
PasswordAuthentication no
AuthenticationMethods publickey
PubkeyAuthentication yes
AllowUsers bastion
UsePAM no
PermitTTY no PermitTTY no
X11Forwarding no X11Forwarding no
PermitTunnel no PermitTunnel no
GatewayPorts no GatewayPorts no
HostKey /config/ssh_host_ed25519_key
HostKey /config/ssh_host_rsa_key
Port 2222
ForceCommand /sbin/nologin ForceCommand /sbin/nologin
Match User bastion Match User bastion
AllowTcpForwarding yes AllowTcpForwarding yes
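Review bot: The `Match User bastion` block keeps `AllowTcpForwarding yes`, which permits remote (`-R`) as well as local forwards, and the global section leaves `AllowStreamLocalForwarding` and `AllowAgentForwarding` at their defaults, which are both `yes`. If the account is only meant to act as a jump host, `AllowTcpForwarding local` in the Match block plus `AllowStreamLocalForwarding no` and `AllowAgentForwarding no` in the global section would close those paths, and `PermitOpen` could further limit which destinations are reachable. Separately, `ChallengeResponseAuthentication` is a deprecated alias of `KbdInteractiveAuthentication` in newer OpenSSH releases, so the newer name is preferable if the image's sshd supports it. The Match block may continue past the end of this hunk.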