shell-things/etc/ssh/sshd_config.d/basic-security.conf

# RSA and Ed25519 are fine, but DSA is broken and ecdsa is suspicious
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_ed25519_key

# Includes public keys in logins
LogLevel VERBOSE

# root login should probably be denied entirely, but key is better than
# password
PermitRootLogin prohibit-password

# Passwords are bad
PasswordAuthentication no
etc/sshd_config.d: add basic-security.conf Ref: 88 2021-01-30 19:47:21 +01:00			`# RSA and Ed25519 are fine, but DSA is broken and ecdsa is suspicious`
			`HostKey /etc/ssh/ssh_host_rsa_key`
			`HostKey /etc/ssh/ssh_host_ed25519_key`

			`# Includes public keys in logins`
			`LogLevel VERBOSE`

			`# root login should probably be denied entirely, but key is better than`
			`# password`
			`PermitRootLogin prohibit-password`

			`# Passwords are bad`
			`PasswordAuthentication no`