pm/: correction gardefou et sauvkipeu
This commit is contained in:
parent
286e5fd9ad
commit
e926a319ae
GPG Key ID:
57BC26A3687116F6
|
|
@ -1,7 +1,7 @@
|
||||||
# gardefou
|
# gardefou
|
||||||
|
|
||||||
Type : machine physique.
|
Type : machine physique.
|
||||||
Localisation : `leparc`, en attendant une migration vers `fontainebleau`.
|
Localisation : `fontainebleau`.
|
||||||
|
|
||||||
## Matériel
|
## Matériel
|
||||||
|
|
||||||
|
|
@ -25,7 +25,7 @@ Mail Transfer Agent : `postfix`
|
||||||
## Caractéristiques notables
|
## Caractéristiques notables
|
||||||
|
|
||||||
Domaine : `gardefou.libre-en-communs.org`
|
Domaine : `gardefou.libre-en-communs.org`
|
||||||
Adresse ipv6 publique : `2001:910:1021::5`
|
Adresse ipv6 publique : `2001:910:1028::5`
|
||||||
|
|
||||||
### Configuration réseau
|
### Configuration réseau
|
||||||
|
|
||||||
|
|
@ -39,8 +39,8 @@ Adresse ipv6 publique : `2001:910:1021::5`
|
||||||
allow-hotplug eno0
|
allow-hotplug eno0
|
||||||
|
|
||||||
iface eno0 inet6 static
|
iface eno0 inet6 static
|
||||||
address 2001:910:1021:0::5/128
|
address 2001:910:1028:0::5/128
|
||||||
gateway 2001:910:1021::1
|
gateway 2001:910:1028::1
|
||||||
|
|
||||||
</details>
|
</details>
|
||||||
|
|
||||||
|
|
@ -49,11 +49,31 @@ Adresse ipv6 publique : `2001:910:1021::5`
|
||||||
### /etc/ssh/sshd_config
|
### /etc/ssh/sshd_config
|
||||||
<details>
|
<details>
|
||||||
|
|
||||||
|
Port 222
|
||||||
|
AddressFamily any
|
||||||
TODO?
|
ListenAddress 0.0.0.0
|
||||||
|
ListenAddress ::
|
||||||
|
PubkeyAuthentication yes
|
||||||
|
PasswordAuthentication no
|
||||||
|
PermitEmptyPasswords no
|
||||||
|
ChallengeResponseAuthentication no
|
||||||
|
# Change to yes to enable challenge-response passwords (beware issues with
|
||||||
|
# some PAM modules and threads)
|
||||||
|
KbdInteractiveAuthentication no
|
||||||
|
UsePAM yes
|
||||||
|
AllowAgentForwarding yes
|
||||||
|
AllowTcpForwarding yes
|
||||||
|
GatewayPorts yes
|
||||||
|
X11Forwarding no
|
||||||
|
PrintMotd no
|
||||||
|
TCPKeepAlive yes
|
||||||
|
PermitTunnel yes
|
||||||
|
AcceptEnv LANG LC_* GIT_*
|
||||||
|
Subsystem sftp /usr/lib/openssh/sftp-server
|
||||||
|
Match User admin666 Address *,!127.0.0.1,!::1
|
||||||
|
DenyUsers admin666
|
||||||
|
Match User borg Address *,!2001:910:1021:0::/64,!2001:910:1028:0::/64
|
||||||
|
DenyUsers borg
|
||||||
|
|
||||||
</details>
|
</details>
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1,7 +1,7 @@
|
||||||
# sauvkipeu
|
# sauvkipeu
|
||||||
|
|
||||||
Type : machine physique.
|
Type : machine physique.
|
||||||
Localisation : leparc.
|
Localisation : `leparc`.
|
||||||
|
|
||||||
## Matériel
|
## Matériel
|
||||||
|
|
||||||
|
|
@ -53,29 +53,19 @@ Adresse ipv6 publique : `2001:910:1021::4`
|
||||||
AddressFamily any
|
AddressFamily any
|
||||||
ListenAddress 0.0.0.0
|
ListenAddress 0.0.0.0
|
||||||
ListenAddress ::
|
ListenAddress ::
|
||||||
|
|
||||||
PubkeyAuthentication yes
|
PubkeyAuthentication yes
|
||||||
|
|
||||||
PasswordAuthentication no
|
PasswordAuthentication no
|
||||||
PermitEmptyPasswords no
|
PermitEmptyPasswords no
|
||||||
|
|
||||||
ChallengeResponseAuthentication no
|
ChallengeResponseAuthentication no
|
||||||
|
|
||||||
UsePAM yes
|
UsePAM yes
|
||||||
|
|
||||||
AllowAgentForwarding yes
|
AllowAgentForwarding yes
|
||||||
AllowTcpForwarding yes
|
AllowTcpForwarding yes
|
||||||
GatewayPorts yes
|
GatewayPorts yes
|
||||||
X11Forwarding no
|
X11Forwarding no
|
||||||
|
|
||||||
PrintMotd no
|
PrintMotd no
|
||||||
|
|
||||||
TCPKeepAlive yes
|
TCPKeepAlive yes
|
||||||
|
|
||||||
PermitTunnel yes
|
PermitTunnel yes
|
||||||
|
|
||||||
AcceptEnv LANG LC_* GIT_*
|
AcceptEnv LANG LC_* GIT_*
|
||||||
|
|
||||||
Subsystem sftp /usr/lib/openssh/sftp-server
|
Subsystem sftp /usr/lib/openssh/sftp-server
|
||||||
|
|
||||||
Match User admin666 Address *,!127.0.0.1,!::1
|
Match User admin666 Address *,!127.0.0.1,!::1
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue