From c31c1acf3cdba8243be949e35de8b00b3a48ae39 Mon Sep 17 00:00:00 2001 From: Adrien Bourmault Date: Wed, 17 Nov 2021 13:20:54 +0000 Subject: [PATCH] Configuration SSH serveurs --- Serveurs/aunt.md | 59 ++++++++++++++++++++++++++++++++++++++++++++++ Serveurs/mother.md | 59 ++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 118 insertions(+) diff --git a/Serveurs/aunt.md b/Serveurs/aunt.md index 10eee13..433f28b 100644 --- a/Serveurs/aunt.md +++ b/Serveurs/aunt.md @@ -66,6 +66,65 @@ Adresse ipv6 publique : 2001:910:1360::3 +### Configuration SSH + +#### /etc/ssh/sshd_config +
+ + # $OpenBSD: sshd_config,v 1.103 2018/04/09 20:41:22 tj Exp $ + + # This is the sshd server system-wide configuration file. See + # sshd_config(5) for more information. + + # This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin + + # The strategy used for options in the default sshd_config shipped with + # OpenSSH is to specify options with their default value where + # possible, but leave them commented. Uncommented options override the + # default value. + + Port 222 + AddressFamily any + ListenAddress 0.0.0.0 + ListenAddress :: + + PubkeyAuthentication no + + PasswordAuthentication no + PermitEmptyPasswords no + + ChallengeResponseAuthentication no + + UsePAM yes + + AllowAgentForwarding yes + AllowTcpForwarding yes + GatewayPorts yes + X11Forwarding no + PrintMotd no + TCPKeepAlive yes + PermitTunnel yes + + AcceptEnv LANG LC_* GIT_* + + Subsystem sftp /usr/lib/openssh/sftp-server + + + Match Group ssh-pubkey + PubkeyAuthentication yes + + Match Group ssh-login + PasswordAuthentication yes + PubkeyAuthentication yes + + Match Address 127.0.0.* + PubkeyAuthentication yes + + Match Address 192.169.254.3 + PubkeyAuthentication yes + +
+ ### Configuration DRBD #### /etc/drbd.d/drbd1.res diff --git a/Serveurs/mother.md b/Serveurs/mother.md index d1d1b7b..033e597 100644 --- a/Serveurs/mother.md +++ b/Serveurs/mother.md @@ -66,6 +66,65 @@ Adresse ipv6 publique : 2001:910:1360::2 +### Configuration SSH + +#### /etc/ssh/sshd_config +
+ + # $OpenBSD: sshd_config,v 1.103 2018/04/09 20:41:22 tj Exp $ + + # This is the sshd server system-wide configuration file. See + # sshd_config(5) for more information. + + # This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin + + # The strategy used for options in the default sshd_config shipped with + # OpenSSH is to specify options with their default value where + # possible, but leave them commented. Uncommented options override the + # default value. + + Port 222 + AddressFamily any + ListenAddress 0.0.0.0 + ListenAddress :: + + PubkeyAuthentication no + + PasswordAuthentication no + PermitEmptyPasswords no + + ChallengeResponseAuthentication no + + UsePAM yes + + AllowAgentForwarding yes + AllowTcpForwarding yes + GatewayPorts yes + X11Forwarding no + PrintMotd no + TCPKeepAlive yes + PermitTunnel yes + + AcceptEnv LANG LC_* GIT_* + + Subsystem sftp /usr/lib/openssh/sftp-server + + + Match Group ssh-pubkey + PubkeyAuthentication yes + + Match Group ssh-login + PasswordAuthentication yes + PubkeyAuthentication yes + + Match Address 127.0.0.* + PubkeyAuthentication yes + + Match Address 192.169.254.3 + PubkeyAuthentication yes + +
+ ### Configuration DRBD #### /etc/drbd.d/drbd1.res