mirror of
https://gitlab.archlinux.org/archlinux/infrastructure.git
synced 2026-05-04 06:20:40 +02:00
Kristian Klausen
e960cabe5b
Local forwarding is needed for the bastion host so it can be used as a "proxy".
27 lines
645 B
Django/Jinja
27 lines
645 B
Django/Jinja
Port {{ sshd_port }}
|
|
LogLevel VERBOSE
|
|
PasswordAuthentication no
|
|
ClientAliveInterval 30
|
|
|
|
# unlink forwarded sockets; for gpg agent forwarding
|
|
StreamLocalBindUnlink yes
|
|
|
|
# accept environment variables for user's color, language/locale
|
|
# and timezone settings
|
|
AcceptEnv COLORFGBG
|
|
AcceptEnv LANG
|
|
AcceptEnv LC_*
|
|
AcceptEnv TZ
|
|
|
|
{% if 'buildservers' not in group_names %}
|
|
AllowAgentForwarding no
|
|
AllowTcpForwarding {{ sshd_tcp_forwarding }}
|
|
{% else %}
|
|
Match User root
|
|
AllowAgentForwarding no
|
|
AllowTcpForwarding {{ sshd_tcp_forwarding }}
|
|
{% endif %}
|
|
|
|
# Do *not* add anything here, it is matched by the
|
|
# block above for user root only on build server!
|