mirror of
https://gitlab.archlinux.org/archlinux/infrastructure.git
synced 2025-01-18 08:06:16 +01:00
28 lines
949 B
Plaintext
28 lines
949 B
Plaintext
# From upstream https://gitlab.com/gitlab-org/omnibus-gitlab/-/blob/master/docker/assets/sshd_config
|
|
Port 222
|
|
ChallengeResponseAuthentication no
|
|
HostKey /etc/gitlab/ssh_host_rsa_key
|
|
HostKey /etc/gitlab/ssh_host_ecdsa_key
|
|
HostKey /etc/gitlab/ssh_host_ed25519_key
|
|
Protocol 2
|
|
PermitRootLogin no
|
|
PasswordAuthentication no
|
|
MaxStartups 100:30:200
|
|
AllowUsers git
|
|
PrintMotd no
|
|
PrintLastLog no
|
|
PubkeyAuthentication yes
|
|
AuthorizedKeysFile %h/.ssh/authorized_keys /gitlab-data/ssh/authorized_keys
|
|
AuthorizedKeysCommand /opt/gitlab/embedded/service/gitlab-shell/bin/gitlab-shell-authorized-keys-check git %u %k
|
|
AuthorizedKeysCommandUser git
|
|
|
|
# Fix: User username not allowed because account is locked
|
|
# With "UsePAM yes" the "!" is seen as a password disabled account and not fully locked so ssh public key login works
|
|
UsePAM yes
|
|
|
|
# Disabling use DNS in ssh since it tends to slow connecting
|
|
UseDNS no
|
|
|
|
# Enable the use of Git protcol v2
|
|
AcceptEnv GIT_PROTOCOL
|