forgejo/docker/root/etc/templates/sshd_config
zeripath ea69ec6f0f
Disable DSA ssh keys by default (#13056)
* Disable DSA ssh keys by default

OpenSSH has disabled DSA keys since version 7.0

As the docker runs openssh > v7.0 we should just disable
DSA keys by default.

Refers to #11417

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Just disable DSA keys by default

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Appears we need to set the minimum key sizes too

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Appears we need to set the minimum key sizes too

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Remove DSA type

* Fix Tests

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Lauris BH <lauris@nix.lv>
2020-10-09 09:52:57 +03:00

34 lines
594 B
Plaintext

Port ${SSH_LISTEN_PORT}
Protocol 2
AddressFamily any
ListenAddress 0.0.0.0
ListenAddress ::
LogLevel INFO
HostKey /data/ssh/ssh_host_ed25519_key
HostKey /data/ssh/ssh_host_rsa_key
HostKey /data/ssh/ssh_host_ecdsa_key
HostKey /data/ssh/ssh_host_dsa_key
AuthorizedKeysFile .ssh/authorized_keys
UseDNS no
AllowAgentForwarding no
AllowTcpForwarding no
PrintMotd no
PermitUserEnvironment yes
PermitRootLogin no
ChallengeResponseAuthentication no
PasswordAuthentication no
PermitEmptyPasswords no
AllowUsers ${USER}
Banner none
Subsystem sftp /usr/lib/ssh/sftp-server
AcceptEnv GIT_PROTOCOL