mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2025-10-26 12:01:08 +00:00
f17edfaf5aSince OpenSSH 7.0 and greater similarly disable the ssh-dss (DSA) public key algorithm, and recommend against its use. http://www.openssh.com/legacy.html ## ⚠️ BREAKING ⚠️ This patch will remove DSA host key form OpenSSH daemon configuration file. Signed-off-by: baronbunny <its@baronbunny.cn> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
43 lines
993 B
Text
43 lines
993 B
Text
Port ${SSH_LISTEN_PORT}
|
|
Protocol 2
|
|
|
|
AddressFamily any
|
|
ListenAddress 0.0.0.0
|
|
ListenAddress ::
|
|
|
|
${SSH_MAX_STARTUPS}
|
|
${SSH_MAX_SESSIONS}
|
|
|
|
LogLevel ${SSH_LOG_LEVEL}
|
|
|
|
HostKey /data/ssh/ssh_host_ed25519_key
|
|
${SSH_ED25519_CERT}
|
|
HostKey /data/ssh/ssh_host_rsa_key
|
|
${SSH_RSA_CERT}
|
|
HostKey /data/ssh/ssh_host_ecdsa_key
|
|
${SSH_ECDSA_CERT}
|
|
|
|
AuthorizedKeysFile .ssh/authorized_keys
|
|
AuthorizedPrincipalsFile .ssh/authorized_principals
|
|
TrustedUserCAKeys /data/git/.ssh/gitea-trusted-user-ca-keys.pem
|
|
CASignatureAlgorithms ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256@openssh.com,ssh-ed25519,sk-ssh-ed25519@openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa
|
|
|
|
UseDNS no
|
|
AllowAgentForwarding no
|
|
AllowTcpForwarding no
|
|
PrintMotd no
|
|
|
|
PermitUserEnvironment yes
|
|
PermitRootLogin no
|
|
ChallengeResponseAuthentication no
|
|
PasswordAuthentication no
|
|
PermitEmptyPasswords no
|
|
|
|
AllowUsers ${USER}
|
|
|
|
Banner none
|
|
Subsystem sftp /usr/lib/ssh/sftp-server
|
|
|
|
AcceptEnv GIT_PROTOCOL
|
|
|
|
${SSH_INCLUDE_FILE}
|