roles/testnode: add sshd config template for rocky 9

author Kyr Shatskyy <kyrylo.shatskyy@clyso.com>

Sat, 6 Dec 2025 01:06:35 +0000 (02:06 +0100)

committer Kyr Shatskyy <kyrylo.shatskyy@clyso.com>

Sat, 6 Dec 2025 01:06:35 +0000 (02:06 +0100)
author Kyr Shatskyy <kyrylo.shatskyy@clyso.com>
Sat, 6 Dec 2025 01:06:35 +0000 (02:06 +0100)
committer Kyr Shatskyy <kyrylo.shatskyy@clyso.com>
Sat, 6 Dec 2025 01:06:35 +0000 (02:06 +0100)
diff --git a/roles/testnode/templates/ssh/sshd_config_rocky_9 b/roles/testnode/templates/ssh/sshd_config_rocky_9

new file mode 100644 (file)

index 0000000..087d4c7
--- /dev/null
+++ b/roles/testnode/templates/ssh/sshd_config_rocky_9
@@ -0,0 +1,38 @@
+# {{ ansible_managed }}
+#      $OpenBSD: sshd_config,v 1.90 2013/05/16 04:09:14 dtucker Exp $
+
+# This is the sshd server system-wide configuration file.  See
+# sshd_config(5) for more information.
+
+# This sshd was compiled with PATH=/usr/local/bin:/usr/bin
+
+HostKey /etc/ssh/ssh_host_rsa_key
+HostKey /etc/ssh/ssh_host_ecdsa_key
+
+SyslogFacility AUTHPRIV
+
+AuthorizedKeysFile     .ssh/authorized_keys
+
+PasswordAuthentication yes
+
+ChallengeResponseAuthentication no
+
+# GSSAPI options
+GSSAPIAuthentication yes
+GSSAPICleanupCredentials yes
+
+UsePAM yes
+
+X11Forwarding yes
+UsePrivilegeSeparation sandbox         # Default for new installations.
+
+# Accept locale-related environment variables
+AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
+AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
+AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE
+AcceptEnv XMODIFIERS
+
+# override default of no subsystems
+Subsystem      sftp    /usr/libexec/openssh/sftp-server
+
+MaxSessions 1000
author	Kyr Shatskyy <kyrylo.shatskyy@clyso.com>
	Sat, 6 Dec 2025 01:06:35 +0000 (02:06 +0100)
committer	Kyr Shatskyy <kyrylo.shatskyy@clyso.com>
	Sat, 6 Dec 2025 01:06:35 +0000 (02:06 +0100)