diff options
Diffstat (limited to 'roles/common/templates/etc_ssh_sshd_config.j2')
| -rw-r--r-- | roles/common/templates/etc_ssh_sshd_config.j2 | 5 |
1 files changed, 1 insertions, 4 deletions
diff --git a/roles/common/templates/etc_ssh_sshd_config.j2 b/roles/common/templates/etc_ssh_sshd_config.j2 index d9978e0..c0797a3 100644 --- a/roles/common/templates/etc_ssh_sshd_config.j2 +++ b/roles/common/templates/etc_ssh_sshd_config.j2 @@ -21,7 +21,6 @@ MACs {{ ssh_macs }} # Lifetime and size of ephemeral version 1 server key KeyRegenerationInterval 3600 -#ServerKeyBits 768 ServerKeyBits 1024 # Logging @@ -51,8 +50,7 @@ PermitEmptyPasswords no # Change to yes to enable challenge-response passwords (beware issues with # some PAM modules and threads) -# ChallengeResponseAuthentication no -ChallengeResponseAuthentication yes +ChallengeResponseAuthentication {{ sshd_allow_chall_resp }} # Change to no to disable tunnelled clear text passwords PasswordAuthentication {{ sshd_allow_passwd }} @@ -92,4 +90,3 @@ Subsystem sftp /usr/lib/openssh/sftp-server # PAM authentication, then enable this but set PasswordAuthentication # and ChallengeResponseAuthentication to 'no'. UsePAM yes - |