15 lines
397 B
Text
15 lines
397 B
Text
# This is used by sshd in default VRF to receive configuration updates. Lock
|
|
# down to only allow executing the update script.
|
|
|
|
# Only allow pubkey auth.
|
|
KbdInteractiveAuthentication no
|
|
PasswordAuthentication no
|
|
PermitRootLogin prohibit-password
|
|
|
|
# Disable what we can.
|
|
AllowTcpForwarding no
|
|
GatewayPorts no
|
|
X11Forwarding no
|
|
|
|
# And then disable everything else.
|
|
ForceCommand /usr/local/bin/update
|