From 7ade57d4d0ca69a50eaabfbd3289473f8bd233ff Mon Sep 17 00:00:00 2001 From: markus Date: Mon, 14 Jan 2019 10:50:10 +0100 Subject: [PATCH] Add more ssh keys + sshd_config --- publickeys/ajanning/ssh/id_rsa.pub | 1 + publickeys/akrauss/ssh/id_rsa.pub | 1 + publickeys/fengel/ssh/id_rsa.pub | 1 + publickeys/fmathauser/ssh/id_rsa.pub | 1 + publickeys/jstohner/ssh/id_rsa.pub | 1 + publickeys/markus/ssh/peterpan.pub | 1 + publickeys/markus/ssh/vv.pub | 2 + ssh/sshd_config | 82 ++++++++++++++++++++++++++++ 8 files changed, 90 insertions(+) create mode 100644 publickeys/ajanning/ssh/id_rsa.pub create mode 100644 publickeys/akrauss/ssh/id_rsa.pub create mode 100644 publickeys/fengel/ssh/id_rsa.pub create mode 100644 publickeys/fmathauser/ssh/id_rsa.pub create mode 100644 publickeys/jstohner/ssh/id_rsa.pub create mode 100644 publickeys/markus/ssh/peterpan.pub create mode 100644 publickeys/markus/ssh/vv.pub create mode 100644 ssh/sshd_config diff --git a/publickeys/ajanning/ssh/id_rsa.pub b/publickeys/ajanning/ssh/id_rsa.pub new file mode 100644 index 0000000..b33946c --- /dev/null +++ b/publickeys/ajanning/ssh/id_rsa.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAgbvSkW2cUj+YZWO3fxDoCBL1RucxhHGDt0EZIVUL9d+B4GlsK07ALv/rxjIZRlO6vdFC5mC9A3Use49ldQ/gCYedUk8WZrSD2zLKQtfwprwr2ZxPMEN7gKoQsFXpToefdHUEDMGm+KLaArsTgKIn4OkwmjwUxiDsie68AjXpJkSbkwzLtTUdVEXYtNqExaUHR4FxpOQDykxxZAM4OLvJF1MoqXj5J3Y9XW72Aq9JfpQpiqSmB+HJ3oJUCQcDB3BrzxnMXcjZG7nliIYBuetIQBznERY4VC6cKTdPqD6XAirjXUTHSfUW8MjjxH7SUTwFR8NgjCz0GsPovfTUSEPe8Q== andreas.janning@qaware.de diff --git a/publickeys/akrauss/ssh/id_rsa.pub b/publickeys/akrauss/ssh/id_rsa.pub new file mode 100644 index 0000000..8b946ca --- /dev/null +++ b/publickeys/akrauss/ssh/id_rsa.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAsh7UGqyTlwpu0fEWL0PxvCKI+FAsoVG08L4zQQSutsI210Tg6f9trW4Ytb548ZsDF3aLzBl+8uM1K020P4ovXtVCwDUiM5WHg0Fik/kqGSeAvCDAJKXl0jmqFChrxdaBaeUdsn4iq8O+C5EsLD/HOG3xRSHEqCHAfvMbKtSAhfJncDHEp9qKLzJfOB6yxlHIKGVcPRN1FweiLASBnM7c5c1SBgyCYRdxeKP4dXONfG7pGUJqVPyH0VaRjTGKU3OnIr3VagJyZnQnCcyGH00FTuK64hVEB7Hz89WnvwO8nHhVl3+H6IKlCc8qGKTglPcErnHPO9OH8yrJFEDkdtaumw== alexander.krauss@qaware.de \ No newline at end of file diff --git a/publickeys/fengel/ssh/id_rsa.pub b/publickeys/fengel/ssh/id_rsa.pub new file mode 100644 index 0000000..c753266 --- /dev/null +++ b/publickeys/fengel/ssh/id_rsa.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCrGyUU6WgwUDVat3SjFzN8oCDckFBK0dgD7MsQSmpcTdJsl4T+PCa7hRiop51ajFJVc6ZRlbD1ZAOYPhl2hjJQghEda6QwLMjhPpMskolIl68fQb8Ug2FiUuOcLmAIpAytaIrAoPlGOpnKcZQnzeakPZJsitOmfbr0sZGAV4KSsJcEASYPkwi2DzjIvM2JYyNWKA3CeNfVbXVsp6q86kAVUpF01ri8WBfW8+NJnvEuErk15jKv6xqWghLcrY4YNxZZnijj5CXpafcQBRXg05QG+3kKiqEMyj153Xw6IAx8bXzWCqsz9n4+NbGKCpKrRBkwuSsnNhiJ/nK86yZAAA6B florian.engel@qaware.de diff --git a/publickeys/fmathauser/ssh/id_rsa.pub b/publickeys/fmathauser/ssh/id_rsa.pub new file mode 100644 index 0000000..e4b06a8 --- /dev/null +++ b/publickeys/fmathauser/ssh/id_rsa.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCrnQMcdt4NyMJPPc9PJ9vGTwllyHBwfcoKwf7hMmB3W3H5j1n9y1nTSQFP/Tn6f1Bjl/xsZN2LjmknjRLd4X6g0sycuBlRf3R72x3VvxuabMaBcybZtRVUm8z+7T6uIaezsoxLlTp/5VD2vU+dTTIILEc3K6P2Ilf4OdsWcAyLYE4Ackm4dEGV30ExPa1uuaLp4PDFZNMNx24nY/qKvI0M0eFLQCfxzYerOt7xJMYxW45UVIn3K8lngdfd9E4g5Xe98WFd3+1EuTrrv1LFryyMBFSeUDKNPwKKmQiMWoEFdIiWxeb635lAs2Zxx2ECvykcNVamKYz/Nx0Fqu57Vo+L franz.mathauser@qaware.de diff --git a/publickeys/jstohner/ssh/id_rsa.pub b/publickeys/jstohner/ssh/id_rsa.pub new file mode 100644 index 0000000..5c6da6d --- /dev/null +++ b/publickeys/jstohner/ssh/id_rsa.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDHFgx3BS2/N+7ZSe7dOKjv5ze3cz1oWvIvJXCT7Z0DOOkqGgZr9I6aSt6dvgbR8pdBY8mqY+LS+BAi2vgTpVCzgJO+rhICJR5p93c41Si/05gvVtQpFoLBX1UWd9wLoYiodH1+8ayMoRhcjJ3IItpbVyOuxx3BuMJTYDXncf0JRZObnhWZfQYC1DT2uguVItILuaq9zwxWC23FoSrhyp6uBAKNooApvY8Nr9K6hJmURvtu0sd+06GZ62bbT1PnpbyTBuL9B0h6PpCUmRZajnV/teO6zM75Ro1D241Apm9iMZ8D1iXqwv8hsGTWFuRXtj+Ae0XGmHZ8o5VlmV1brovrtpfRvumu96ozaohDtTCYlt3zW1OgwvXPQ6+lRPXM91yfoJKAxqdqlOmmUkkiOEzYkOjTw4MiRLC3F/WNLda/wd+qD88GhuWn2VlUIREAGPpgmjK6lI+krTTXytM7WAsxQ39L4547c/VHGAt6y2drGeqvx5OKeHDbQuh1PlqRJXuBWiVX1uG4vjLwHbd7Rsm/Br0ON1Jr+TURDxgVytFbBRPh/E0nAqpJcr2gJ/JwcmEuRB8FIaPdqD//qoWcPejtySWViPMsrqZDHM4oS8ebMCBXdiJbMOIYHdfnPsxf+ctjCtm1LyQSZwz9ZUSMTDIh1ncx47kMURlR0WrNicep/Q== jahn.stohner@telekom.de \ No newline at end of file diff --git a/publickeys/markus/ssh/peterpan.pub b/publickeys/markus/ssh/peterpan.pub new file mode 100644 index 0000000..cc88377 --- /dev/null +++ b/publickeys/markus/ssh/peterpan.pub @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAFl4y0hN7/gpPvrF5ivGqSiacqp93Q+SMbSbpcCnOZG KeyName: Contact: \ No newline at end of file diff --git a/publickeys/markus/ssh/vv.pub b/publickeys/markus/ssh/vv.pub new file mode 100644 index 0000000..06f5a7f --- /dev/null +++ b/publickeys/markus/ssh/vv.pub @@ -0,0 +1,2 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDUNg9OTlVepNzKUhRiIjfMjieDOJzgEyJ+mE6Zh2c67YyYGJMe2+rKcPvgyYaZWzfrfwRoTfByvsH8KzOL2vPnqrF54UI9vjJBcdOA6IdPotGbfcGcNqSaxYrCurl0uoOqktzT7C2qbQF+TA9LV5/ptGXQd0vH3txf/t3kUwUah4qOkoPSVGUNCC+6I3BiRRnVox1s7SAttl63XXuBQCAL22xTUeATbqSwzsp6d5PJXaySQo1j7tyAOptvo5wBEqinOQBphYQI/OQMwoehYlpv3aWGamgwjCEP2pvCwV28wGkeQ3NNJLnI5Eb3BSE/fSd0hUUNDoEO+fFqrge7hcQcGH1VG5H5xs8X2N49LX0DNxi2dg+FXUICwwLSrGj5JpkUzjtvLcFJwrMp1G3BQSYqwYvcc5W+UoVZY/2zToy5vx/gsNlNuDIXvJaxl8vWM/Sloh0B0qsxYlNmNKmcuVBXvX2cZ1SWFj7HWM0awGFMDqXmGJ5kNWwgFCTI86vK453uOxmrDdtwxggX5McjDLuDM6JHoWgo/SUEBMJxhG8pPEVkJ5PsPpa6mzBiVLhRM3tOALK21tn7dZq9CEn7ivPMF+8eIJu+1m7FfWrtQAfwLEZ3BjAV/WZD/c5IMhKxKMg4DwImLz7LqAeeaXrZ3wTVo9ycZXtN8Fk5yo98+fuHvQ== Markus Schroer + diff --git a/ssh/sshd_config b/ssh/sshd_config new file mode 100644 index 0000000..a0f4239 --- /dev/null +++ b/ssh/sshd_config @@ -0,0 +1,82 @@ +# Package generated configuration file +# See the sshd_config(5) manpage for details + +# What ports, IPs and protocols we listen for +Port 22 +# Use these options to restrict which interfaces/protocols sshd will bind to +#ListenAddress :: +#ListenAddress 0.0.0.0 +Protocol 2 +# HostKeys for protocol version 2 +HostKey /etc/ssh/ssh_host_rsa_key +HostKey /etc/ssh/ssh_host_dsa_key +HostKey /etc/ssh/ssh_host_ecdsa_key + +HostKeyAlgorithms -ecdsa-sha2-nistp256 +KexAlgorithms -ecdh-sha2-nistp256,-ecdh-sha2-nistp384,-ecdh-sha2-nistp521 +MACs -hmac-sha1,-hmac-sha2-256,-hmac-sha2-512,-umac-64@openssh.com,-umac-128@openssh.com,-hmac-sha1-etm@openssh.com,-umac-64-etm@openssh.com + +# Logging +SyslogFacility AUTH +LogLevel INFO + +# Authentication: +LoginGraceTime 120 +PermitRootLogin prohibit-password +StrictModes yes + +PubkeyAuthentication yes +AuthorizedKeysFile %h/.ssh/authorized_keys + +# similar for protocol version 2 +HostbasedAuthentication no +# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication +#IgnoreUserKnownHosts yes + +# To enable empty passwords, change to yes (NOT RECOMMENDED) +PermitEmptyPasswords no + +# Change to yes to enable challenge-response passwords (beware issues with +# some PAM modules and threads) +ChallengeResponseAuthentication no + +# Change to no to disable tunnelled clear text passwords +PasswordAuthentication no + +#AllowAgentForwarding yes + +# Kerberos options +#KerberosAuthentication no +#KerberosGetAFSToken no +#KerberosOrLocalPasswd yes +#KerberosTicketCleanup yes + +# GSSAPI options +#GSSAPIAuthentication no +#GSSAPICleanupCredentials yes + +X11Forwarding yes +X11DisplayOffset 10 +PrintMotd no +PrintLastLog yes +TCPKeepAlive yes +#UseLogin no + +#MaxStartups 10:30:60 +Banner /etc/issue.net + +# Allow client to pass locale environment variables +AcceptEnv LANG LC_* + +Subsystem sftp /usr/lib/openssh/sftp-server + +# Set this to 'yes' to enable PAM authentication, account processing, +# and session processing. If this is enabled, PAM authentication will +# be allowed through the ChallengeResponseAuthentication and +# PasswordAuthentication. Depending on your PAM configuration, +# PAM authentication via ChallengeResponseAuthentication may bypass +# the setting of "PermitRootLogin without-password". +# If you just want the PAM account and session checks to run without +# PAM authentication, then enable this but set PasswordAuthentication +# and ChallengeResponseAuthentication to 'no'. +UsePAM yes