created role for bootstrapping a Linode VPS via API or a LAN homeserver
This commit is contained in:
7
roles/init-server/files/sshd_config.d/auth.conf
Normal file
7
roles/init-server/files/sshd_config.d/auth.conf
Normal file
@@ -0,0 +1,7 @@
|
||||
PermitEmptyPasswords no
|
||||
PasswordAuthentication no
|
||||
PubkeyAuthentication yes
|
||||
KbdInteractiveAuthentication no # enable if implementing TOTP 2FA
|
||||
UsePAM yes
|
||||
PrintMotd yes
|
||||
Banner /etc/banner
|
||||
1
roles/init-server/files/sshd_config.d/denyroot.conf
Normal file
1
roles/init-server/files/sshd_config.d/denyroot.conf
Normal file
@@ -0,0 +1 @@
|
||||
PermitRootLogin no
|
||||
2
roles/init-server/files/sshd_config.d/harden.conf
Normal file
2
roles/init-server/files/sshd_config.d/harden.conf
Normal file
@@ -0,0 +1,2 @@
|
||||
ClientAliveInterval 900
|
||||
ClientAliveCountMax 3
|
||||
Reference in New Issue
Block a user