| # Copyright 2021 Google LLC |
| # |
| # Licensed under the Apache License, Version 2.0 (the "License"); |
| # you may not use this file except in compliance with the License. |
| # You may obtain a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, software |
| # distributed under the License is distributed on an "AS IS" BASIS, |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| # See the License for the specific language governing permissions and |
| # limitations under the License. |
| |
| # Force protocol v2 only |
| Protocol 2 |
| |
| # Enable both IPv4 and IPv6 |
| AddressFamily any |
| |
| # /etc is read-only. Fetch keys from stateful partition |
| # Not using v1, so no v1 key |
| HostKey /mnt/stateful_partition/etc/ssh/ssh_host_rsa_key |
| HostKey /mnt/stateful_partition/etc/ssh/ssh_host_ed25519_key |
| |
| PasswordAuthentication no |
| ChallengeResponseAuthentication no |
| PermitRootLogin no |
| UsePAM yes |
| |
| PrintMotd no |
| PrintLastLog no |
| UseDns no |
| Subsystem sftp internal-sftp |
| |
| PermitTunnel no |
| AllowTcpForwarding yes |
| X11Forwarding no |
| |
| Ciphers aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr |
| |
| # Compute times out connections after 10 minutes of inactivity. Keep alive |
| # ssh connections by sending a packet every 7 minutes. |
| ClientAliveInterval 420 |
| |
| AcceptEnv EDITOR LANG LC_ALL PAGER TZ |