summaryrefslogtreecommitdiffstats
path: root/docker/root/etc/templates/sshd_config
diff options
context:
space:
mode:
authorDaniel Baumann <daniel@debian.org>2024-10-18 20:33:49 +0200
committerDaniel Baumann <daniel@debian.org>2024-12-12 23:57:56 +0100
commite68b9d00a6e05b3a941f63ffb696f91e554ac5ec (patch)
tree97775d6c13b0f416af55314eb6a89ef792474615 /docker/root/etc/templates/sshd_config
parentInitial commit. (diff)
downloadforgejo-e68b9d00a6e05b3a941f63ffb696f91e554ac5ec.tar.xz
forgejo-e68b9d00a6e05b3a941f63ffb696f91e554ac5ec.zip
Adding upstream version 9.0.3.
Signed-off-by: Daniel Baumann <daniel@debian.org>
Diffstat (limited to 'docker/root/etc/templates/sshd_config')
-rw-r--r--docker/root/etc/templates/sshd_config43
1 files changed, 43 insertions, 0 deletions
diff --git a/docker/root/etc/templates/sshd_config b/docker/root/etc/templates/sshd_config
new file mode 100644
index 0000000..033c434
--- /dev/null
+++ b/docker/root/etc/templates/sshd_config
@@ -0,0 +1,43 @@
+Port ${SSH_LISTEN_PORT}
+Protocol 2
+
+AddressFamily any
+ListenAddress 0.0.0.0
+ListenAddress ::
+
+${SSH_MAX_STARTUPS}
+${SSH_MAX_SESSIONS}
+
+LogLevel ${SSH_LOG_LEVEL}
+
+HostKey /data/ssh/ssh_host_ed25519_key
+${SSH_ED25519_CERT}
+HostKey /data/ssh/ssh_host_rsa_key
+${SSH_RSA_CERT}
+HostKey /data/ssh/ssh_host_ecdsa_key
+${SSH_ECDSA_CERT}
+
+AuthorizedKeysFile .ssh/authorized_keys
+AuthorizedPrincipalsFile .ssh/authorized_principals
+TrustedUserCAKeys /data/git/.ssh/gitea-trusted-user-ca-keys.pem
+CASignatureAlgorithms ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256@openssh.com,ssh-ed25519,sk-ssh-ed25519@openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa
+
+UseDNS no
+AllowAgentForwarding no
+AllowTcpForwarding no
+PrintMotd no
+
+PermitUserEnvironment yes
+PermitRootLogin no
+ChallengeResponseAuthentication no
+PasswordAuthentication no
+PermitEmptyPasswords no
+
+AllowUsers ${USER}
+
+Banner none
+Subsystem sftp /usr/lib/ssh/sftp-server
+
+AcceptEnv GIT_PROTOCOL
+
+${SSH_INCLUDE_FILE}