mirror of
https://github.com/go-gitea/gitea
synced 2025-11-03 21:08:25 +00:00
8947422781
Unforunately #16009 makes these settings mandatory. This PR uses the same technique as used for the certificates to make these settings non-mandatory. Fix #16044 Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de>
44 lines
1011 B
Plaintext
44 lines
1011 B
Plaintext
Port ${SSH_LISTEN_PORT}
|
|
Protocol 2
|
|
|
|
AddressFamily any
|
|
ListenAddress 0.0.0.0
|
|
ListenAddress ::
|
|
|
|
${SSH_MAX_STARTUPS}
|
|
${SSH_MAX_SESSIONS}
|
|
|
|
LogLevel INFO
|
|
|
|
HostKey /data/ssh/ssh_host_ed25519_key
|
|
${SSH_ED25519_CERT}
|
|
HostKey /data/ssh/ssh_host_rsa_key
|
|
${SSH_RSA_CERT}
|
|
HostKey /data/ssh/ssh_host_ecdsa_key
|
|
${SSH_ECDSA_CERT}
|
|
HostKey /data/ssh/ssh_host_dsa_key
|
|
${SSH_DSA_CERT}
|
|
|
|
AuthorizedKeysFile .ssh/authorized_keys
|
|
AuthorizedPrincipalsFile .ssh/authorized_principals
|
|
TrustedUserCAKeys /data/git/.ssh/gitea-trusted-user-ca-keys.pem
|
|
CASignatureAlgorithms ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256@openssh.com,ssh-ed25519,sk-ssh-ed25519@openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa
|
|
|
|
UseDNS no
|
|
AllowAgentForwarding no
|
|
AllowTcpForwarding no
|
|
PrintMotd no
|
|
|
|
PermitUserEnvironment yes
|
|
PermitRootLogin no
|
|
ChallengeResponseAuthentication no
|
|
PasswordAuthentication no
|
|
PermitEmptyPasswords no
|
|
|
|
AllowUsers ${USER}
|
|
|
|
Banner none
|
|
Subsystem sftp /usr/lib/ssh/sftp-server
|
|
|
|
AcceptEnv GIT_PROTOCOL
|