| # Force protocol v2 only |
| Protocol 2 |
| |
| # Disable IPv6 for now |
| AddressFamily inet |
| |
| # /etc is read-only. Fetch keys from stateful partition |
| # Not using v1, so no v1 key |
| HostKey /mnt/stateful_partition/etc/ssh/ssh_host_rsa_key |
| HostKey /mnt/stateful_partition/etc/ssh/ssh_host_ed25519_key |
| |
| PasswordAuthentication no |
| ChallengeResponseAuthentication no |
| PermitRootLogin no |
| UsePAM yes |
| |
| PrintMotd no |
| PrintLastLog no |
| UseDns no |
| Subsystem sftp internal-sftp |
| |
| PermitTunnel no |
| AllowTcpForwarding yes |
| X11Forwarding no |
| |
| Ciphers aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr |
| |
| # Compute times out connections after 10 minutes of inactivity. Keep alive |
| # ssh connections by sending a packet every 7 minutes. |
| ClientAliveInterval 420 |
| |
| AcceptEnv EDITOR LANG LC_ALL PAGER TZ |