From a8fbe4fc1bf08693958cfc432a400886057f4877 Mon Sep 17 00:00:00 2001 From: DroneShipper Date: Fri, 22 Nov 2019 23:15:00 +0000 Subject: [PATCH] [SKIP CI] update readme --- README.md | 358 +++++++++++++++++++++++++++--------------------------- 1 file changed, 179 insertions(+), 179 deletions(-) diff --git a/README.md b/README.md index 681299c..9d5a0e9 100644 --- a/README.md +++ b/README.md @@ -8,33 +8,33 @@ Configure sshd server ## Table of content * [Default Variables](#default-variables) - * [sshd_protocol](#sshd_protocol) - * [sshd_permit_root_login](#sshd_permit_root_login) - * [sshd_permit_empty_passwords](#sshd_permit_empty_passwords) - * [sshd_password_authentication](#sshd_password_authentication) - * [sshd_gssapi_authentication](#sshd_gssapi_authentication) - * [sshd_strict_modes](#sshd_strict_modes) - * [sshd_allow_groups](#sshd_allow_groups) - * [sshd_ignore_rhosts](#sshd_ignore_rhosts) - * [sshd_hostbased_authentication](#sshd_hostbased_authentication) - * [sshd_client_alive_interval](#sshd_client_alive_interval) - * [sshd_client_alive_count_max](#sshd_client_alive_count_max) - * [sshd_ciphers](#sshd_ciphers) - * [sshd_kex](#sshd_kex) - * [sshd_moduli_minimum](#sshd_moduli_minimum) - * [sshd_macs](#sshd_macs) * [sshd_allow_agent_forwarding](#sshd_allow_agent_forwarding) - * [sshd_x11_forwarding](#sshd_x11_forwarding) + * [sshd_allow_groups](#sshd_allow_groups) * [sshd_allow_tcp_forwarding](#sshd_allow_tcp_forwarding) - * [sshd_compression](#sshd_compression) - * [sshd_log_level](#sshd_log_level) - * [sshd_max_auth_tries](#sshd_max_auth_tries) - * [sshd_max_sessions](#sshd_max_sessions) - * [sshd_tcp_keep_alive](#sshd_tcp_keep_alive) - * [sshd_use_dns](#sshd_use_dns) * [sshd_challenge_response_authentication](#sshd_challenge_response_authentication) + * [sshd_ciphers](#sshd_ciphers) + * [sshd_client_alive_count_max](#sshd_client_alive_count_max) + * [sshd_client_alive_interval](#sshd_client_alive_interval) + * [sshd_compression](#sshd_compression) * [sshd_google_auth_enabled](#sshd_google_auth_enabled) * [sshd_google_auth_exclude_group](#sshd_google_auth_exclude_group) + * [sshd_gssapi_authentication](#sshd_gssapi_authentication) + * [sshd_hostbased_authentication](#sshd_hostbased_authentication) + * [sshd_ignore_rhosts](#sshd_ignore_rhosts) + * [sshd_kex](#sshd_kex) + * [sshd_log_level](#sshd_log_level) + * [sshd_macs](#sshd_macs) + * [sshd_max_auth_tries](#sshd_max_auth_tries) + * [sshd_max_sessions](#sshd_max_sessions) + * [sshd_moduli_minimum](#sshd_moduli_minimum) + * [sshd_password_authentication](#sshd_password_authentication) + * [sshd_permit_empty_passwords](#sshd_permit_empty_passwords) + * [sshd_permit_root_login](#sshd_permit_root_login) + * [sshd_protocol](#sshd_protocol) + * [sshd_strict_modes](#sshd_strict_modes) + * [sshd_tcp_keep_alive](#sshd_tcp_keep_alive) + * [sshd_use_dns](#sshd_use_dns) + * [sshd_x11_forwarding](#sshd_x11_forwarding) * [Dependencies](#dependencies) * [License](#license) * [Author](#author) @@ -43,52 +43,12 @@ Configure sshd server ## Default Variables -### sshd_protocol +### sshd_allow_agent_forwarding #### Default value ```YAML -sshd_protocol: 2 -``` - -### sshd_permit_root_login - -#### Default value - -```YAML -sshd_permit_root_login: yes -``` - -### sshd_permit_empty_passwords - -#### Default value - -```YAML -sshd_permit_empty_passwords: no -``` - -### sshd_password_authentication - -#### Default value - -```YAML -sshd_password_authentication: no -``` - -### sshd_gssapi_authentication - -#### Default value - -```YAML -sshd_gssapi_authentication: yes -``` - -### sshd_strict_modes - -#### Default value - -```YAML -sshd_strict_modes: yes +sshd_allow_agent_forwarding: no ``` ### sshd_allow_groups @@ -99,36 +59,22 @@ sshd_strict_modes: yes sshd_allow_groups: [] ``` -### sshd_ignore_rhosts +### sshd_allow_tcp_forwarding #### Default value ```YAML -sshd_ignore_rhosts: yes +sshd_allow_tcp_forwarding: yes ``` -### sshd_hostbased_authentication +### sshd_challenge_response_authentication + +If you disable password auth you should disable ChallengeResponseAuth also. #### Default value ```YAML -sshd_hostbased_authentication: no -``` - -### sshd_client_alive_interval - -#### Default value - -```YAML -sshd_client_alive_interval: 900 -``` - -### sshd_client_alive_count_max - -#### Default value - -```YAML -sshd_client_alive_count_max: 0 +sshd_challenge_response_authentication: no ``` ### sshd_ciphers @@ -145,61 +91,20 @@ sshd_ciphers: - aes128-ctr ``` -### sshd_kex +### sshd_client_alive_count_max #### Default value ```YAML -sshd_kex: - - curve25519-sha256@libssh.org - - diffie-hellman-group-exchange-sha256 +sshd_client_alive_count_max: 0 ``` -### sshd_moduli_minimum +### sshd_client_alive_interval #### Default value ```YAML -sshd_moduli_minimum: 2048 -``` - -### sshd_macs - -#### Default value - -```YAML -sshd_macs: - - hmac-sha2-512-etm@openssh.com - - hmac-sha2-256-etm@openssh.com - - hmac-ripemd160-etm@openssh.com - - umac-128-etm@openssh.com - - hmac-sha2-512 - - hmac-sha2-256 - - hmac-ripemd160 -``` - -### sshd_allow_agent_forwarding - -#### Default value - -```YAML -sshd_allow_agent_forwarding: no -``` - -### sshd_x11_forwarding - -#### Default value - -```YAML -sshd_x11_forwarding: yes -``` - -### sshd_allow_tcp_forwarding - -#### Default value - -```YAML -sshd_allow_tcp_forwarding: yes +sshd_client_alive_interval: 900 ``` ### sshd_compression @@ -210,56 +115,6 @@ sshd_allow_tcp_forwarding: yes sshd_compression: delayed ``` -### sshd_log_level - -#### Default value - -```YAML -sshd_log_level: INFO -``` - -### sshd_max_auth_tries - -#### Default value - -```YAML -sshd_max_auth_tries: 6 -``` - -### sshd_max_sessions - -#### Default value - -```YAML -sshd_max_sessions: 10 -``` - -### sshd_tcp_keep_alive - -#### Default value - -```YAML -sshd_tcp_keep_alive: yes -``` - -### sshd_use_dns - -#### Default value - -```YAML -sshd_use_dns: yes -``` - -### sshd_challenge_response_authentication - -If you disable password auth you should disable ChallengeResponseAuth also. - -#### Default value - -```YAML -sshd_challenge_response_authentication: no -``` - ### sshd_google_auth_enabled Google Authenticator required ChallengeResponseAuth! @@ -286,6 +141,151 @@ sshd_google_auth_exclude_group: _unset_ sshd_google_auth_exclude_group: my_group ``` +### sshd_gssapi_authentication + +#### Default value + +```YAML +sshd_gssapi_authentication: yes +``` + +### sshd_hostbased_authentication + +#### Default value + +```YAML +sshd_hostbased_authentication: no +``` + +### sshd_ignore_rhosts + +#### Default value + +```YAML +sshd_ignore_rhosts: yes +``` + +### sshd_kex + +#### Default value + +```YAML +sshd_kex: + - curve25519-sha256@libssh.org + - diffie-hellman-group-exchange-sha256 +``` + +### sshd_log_level + +#### Default value + +```YAML +sshd_log_level: INFO +``` + +### sshd_macs + +#### Default value + +```YAML +sshd_macs: + - hmac-sha2-512-etm@openssh.com + - hmac-sha2-256-etm@openssh.com + - hmac-ripemd160-etm@openssh.com + - umac-128-etm@openssh.com + - hmac-sha2-512 + - hmac-sha2-256 + - hmac-ripemd160 +``` + +### sshd_max_auth_tries + +#### Default value + +```YAML +sshd_max_auth_tries: 6 +``` + +### sshd_max_sessions + +#### Default value + +```YAML +sshd_max_sessions: 10 +``` + +### sshd_moduli_minimum + +#### Default value + +```YAML +sshd_moduli_minimum: 2048 +``` + +### sshd_password_authentication + +#### Default value + +```YAML +sshd_password_authentication: no +``` + +### sshd_permit_empty_passwords + +#### Default value + +```YAML +sshd_permit_empty_passwords: no +``` + +### sshd_permit_root_login + +#### Default value + +```YAML +sshd_permit_root_login: yes +``` + +### sshd_protocol + +#### Default value + +```YAML +sshd_protocol: 2 +``` + +### sshd_strict_modes + +#### Default value + +```YAML +sshd_strict_modes: yes +``` + +### sshd_tcp_keep_alive + +#### Default value + +```YAML +sshd_tcp_keep_alive: yes +``` + +### sshd_use_dns + +#### Default value + +```YAML +sshd_use_dns: yes +``` + +### sshd_x11_forwarding + +#### Default value + +```YAML +sshd_x11_forwarding: yes +``` + ## Dependencies None.