Tomster/Linux-Setup-Scripts
1
0
Fork 0
mirror of https://github.com/tommytran732/Linux-Setup-Scripts synced 2024-11-22 09:31:34 -05:00
Code

More hardening options

Browse Source 
Signed-off-by: Tommy <contact@tommytran.io>
This commit is contained in:
Tommy 2024-07-01 12:57:20 -07:00 committed by GitHub
parent 55db69f9e2
commit 70f007a264
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
etc/ssh/sshd_config.d/10-custom.conf
View File

@ -6,9 +6,20 @@ PubkeyAcceptedKeyTypes ssh-ed25519
Ciphers aes256-gcm@openssh.com Ciphers aes256-gcm@openssh.com
MACs -* MACs -*
# Security hardening
AuthorizedKeysFile .ssh/authorized_keys
LoginGraceTime 15s
MaxAuthTries 1
StrictModes yes
## Use PAM for session checks here but authentication is disabled below
UsePAM yes
# Disabling unused authentication methods # Disabling unused authentication methods
ChallengeResponseAuthentication no
PasswordAuthentication no PasswordAuthentication no
PermitRootLogin no PermitRootLogin no
KbdInteractiveAuthentication no
KerberosAuthentication no KerberosAuthentication no
GSSAPIAuthentication no GSSAPIAuthentication no