From c3f351d21f105d6b5f0ede5770051ee81858622d Mon Sep 17 00:00:00 2001
From: Mikaela Suomalainen
Date: Sun, 6 Sep 2015 07:33:32 +0300
Subject: [PATCH] sshd_config: add commented AcceptEnv and reason why it's commented, security, ShellShock worked with remotely sent environent variables even with restricted accounts.
---
 etc/ssh/sshd_config | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/etc/ssh/sshd_config b/etc/ssh/sshd_config
index 380b1067..fd8f7a86 100644
--- a/etc/ssh/sshd_config
+++ b/etc/ssh/sshd_config
@@ -25,6 +25,10 @@ HostKey /etc/ssh/ssh_host_rsa_key
 ## Debian
 #Subsystem sftp /usr/lib/openssh/sftp-server
+# Nothing is Accepted for security reasons, e.g. shellshock worked with
+# remotely accepted environment variables.
+#AcceptEnv LANG LANGUAGE LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT LC_IDENTIFICATION
+
 # Logging
 LogLevel VERBOSE
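Review bot: The comment added above `#AcceptEnv` reads as if leaving the directive unset closes the Shellshock path, which overstates it. With no `AcceptEnv` line sshd already refuses client-sent variables by default, but restricted accounts were also exposed through `SSH_ORIGINAL_COMMAND` on forced commands and through `TERM`, neither of which `AcceptEnv` controls, so a patched shell remains the actual fix. I would reword the two comment lines along the lines of `# No AcceptEnv: client-sent variables are refused (sshd default). This narrows but does not remove` and `# environment-based exposure such as Shellshock; forced commands still receive SSH_ORIGINAL_COMMAND.` It is also worth confirming that `PermitUserEnvironment` is left at its default `no` elsewhere in this file, which lies outside the hunk.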