From: Kyr Shatskyy <kyrylo.shatskyy@clyso.com>
Date: Sat, 6 Dec 2025 01:06:35 +0000 (+0100)
Subject: roles/testnode: add sshd config template for rocky 9
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=refs%2Fpull%2F786%2Fhead;p=ceph-cm-ansible.git

roles/testnode: add sshd config template for rocky 9

Signed-off-by: Kyr Shatskyy <kyrylo.shatskyy@clyso.com>
---

diff --git a/roles/testnode/templates/ssh/sshd_config_rocky_9 b/roles/testnode/templates/ssh/sshd_config_rocky_9
new file mode 100644
index 00000000..087d4c75
--- /dev/null
+++ b/roles/testnode/templates/ssh/sshd_config_rocky_9
@@ -0,0 +1,38 @@
+# {{ ansible_managed }}
+#	$OpenBSD: sshd_config,v 1.90 2013/05/16 04:09:14 dtucker Exp $
+
+# This is the sshd server system-wide configuration file.  See
+# sshd_config(5) for more information.
+
+# This sshd was compiled with PATH=/usr/local/bin:/usr/bin
+
+HostKey /etc/ssh/ssh_host_rsa_key
+HostKey /etc/ssh/ssh_host_ecdsa_key
+
+SyslogFacility AUTHPRIV
+
+AuthorizedKeysFile	.ssh/authorized_keys
+
+PasswordAuthentication yes
+
+ChallengeResponseAuthentication no
+
+# GSSAPI options
+GSSAPIAuthentication yes
+GSSAPICleanupCredentials yes
+
+UsePAM yes
+
+X11Forwarding yes
+UsePrivilegeSeparation sandbox		# Default for new installations.
+
+# Accept locale-related environment variables
+AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
+AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
+AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE
+AcceptEnv XMODIFIERS
+
+# override default of no subsystems
+Subsystem	sftp	/usr/libexec/openssh/sftp-server
+
+MaxSessions 1000