Commit 12ab89b7 authored by Lukas Fleischer's avatar Lukas Fleischer
Browse files

Change default SSH options to "restrict"



From the sshd(8) man page:

    Enable all restrictions, i.e. disable port, agent and X11
    forwarding, as well as disabling PTY allocation and execution of
    ~/.ssh/rc. If any future restriction capabilities are added to
    authorized_keys files they will be included in this set.

Signed-off-by: Lukas Fleischer's avatarLukas Fleischer <lfleischer@archlinux.org>
parent 0c1187ca
......@@ -47,7 +47,7 @@ RSA = SHA256:Ju+yWiMb/2O+gKQ9RJCDqvRg7l+Q95KFAeqM5sr6l2s
valid-keytypes = ssh-rsa ssh-dss ecdsa-sha2-nistp256 ecdsa-sha2-nistp384 ecdsa-sha2-nistp521 ssh-ed25519
username-regex = [a-zA-Z0-9]+[.\-_]?[a-zA-Z0-9]+$
git-serve-cmd = /srv/http/aurweb/git-interface/git-serve.py
ssh-options = no-port-forwarding,no-X11-forwarding,no-pty
ssh-options = restrict
[serve]
repo-path = /srv/http/aurweb/aur.git/
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment