diff options
Diffstat (limited to 'set-sshd-config.patch')
| -rw-r--r-- | set-sshd-config.patch | 97 |
1 files changed, 97 insertions, 0 deletions
diff --git a/set-sshd-config.patch b/set-sshd-config.patch new file mode 100644 index 0000000..2915ce9 --- /dev/null +++ b/set-sshd-config.patch @@ -0,0 +1,97 @@ +From ca0b2bcd17a2c0e1682b8125960ac81e08d0f6dd Mon Sep 17 00:00:00 2001 +From: kircher <kircherlike@outlook.com> +Date: Wed, 27 Oct 2021 16:51:41 +0800 +Subject: [PATCH] set + +--- + sshd_config | 32 +++++++++++++++++++------------- + 1 file changed, 19 insertions(+), 13 deletions(-) + +Index: b/sshd_config +=================================================================== +--- a/sshd_config ++++ b/sshd_config +@@ -23,21 +23,22 @@ + #ListenAddress 0.0.0.0 + #ListenAddress :: + +-#HostKey /etc/ssh/ssh_host_rsa_key +-#HostKey /etc/ssh/ssh_host_ecdsa_key +-#HostKey /etc/ssh/ssh_host_ed25519_key ++HostKey /etc/ssh/ssh_host_rsa_key ++HostKey /etc/ssh/ssh_host_ecdsa_key ++HostKey /etc/ssh/ssh_host_ed25519_key + + # Ciphers and keying + #RekeyLimit default none + + # Logging + #SyslogFacility AUTH ++SyslogFacility AUTHPRIV + #LogLevel INFO + + # Authentication: + + #LoginGraceTime 2m +-#PermitRootLogin prohibit-password ++PermitRootLogin yes + #StrictModes yes + #MaxAuthTries 6 + #MaxSessions 10 +@@ -62,11 +63,11 @@ AuthorizedKeysFile .ssh/authorized_keys + #IgnoreRhosts yes + + # To disable tunneled clear text passwords, change to no here! +-#PasswordAuthentication yes ++PasswordAuthentication yes + #PermitEmptyPasswords no + + # Change to no to disable s/key passwords +-#KbdInteractiveAuthentication yes ++KbdInteractiveAuthentication no + + # Kerberos options + #KerberosAuthentication no +@@ -76,8 +77,8 @@ AuthorizedKeysFile .ssh/authorized_keys + #KerberosUseKuserok yes + + # GSSAPI options +-#GSSAPIAuthentication no +-#GSSAPICleanupCredentials yes ++GSSAPIAuthentication yes ++GSSAPICleanupCredentials no + #GSSAPIStrictAcceptorCheck yes + #GSSAPIKeyExchange no + #GSSAPIEnablek5users no +@@ -93,16 +94,16 @@ AuthorizedKeysFile .ssh/authorized_keys + # and KbdInteractiveAuthentication to 'no'. + # WARNING: 'UsePAM no' is not supported in openEuler and may cause several + # problems. +-#UsePAM no ++UsePAM yes + + #AllowAgentForwarding yes + #AllowTcpForwarding yes + #GatewayPorts no +-#X11Forwarding no ++X11Forwarding yes + #X11DisplayOffset 10 + #X11UseLocalhost yes + #PermitTTY yes +-#PrintMotd yes ++PrintMotd no + #PrintLastLog yes + #TCPKeepAlive yes + #PermitUserEnvironment no +@@ -119,6 +120,11 @@ AuthorizedKeysFile .ssh/authorized_keys + # no default banner path + #Banner none + ++AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES ++AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT ++AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE ++AcceptEnv XMODIFIERS ++ + # override default of no subsystems + Subsystem sftp /usr/libexec/sftp-server + |