shell-things

mirror of https://gitea.blesmrt.net/mikaela/shell-things.git synced 2025-10-31 17:37:20 +01:00

Author	SHA1	Message	Date
Aminda Suomalainen	caa0d5e185	etc/ssh/ssh_config: add VisualHostKey yes	2022-12-19 19:42:10 +02:00
Aminda Suomalainen	b350e525e6	etc/ssh/ssh_config: torify ssh	2022-10-10 23:00:16 +03:00
Aminda Suomalainen	f58d0d7d01	ssh/user-permit-password: add example for multiple users	2022-01-16 15:15:09 +02:00
Mikaela Suomalainen	9c7d0c6210	etc/ssh/config.d: add example.conf So I can stop having to dig this from manual every time I want to configure a new host, and a couple of options I haven't used previously, but could as they seem nice	2021-06-18 13:48:41 +03:00
Mikaela Suomalainen	c6a75f0962	ssh/anoncvs.conf: fix typo	2021-05-04 16:18:31 +03:00
Mikaela Suomalainen	288b010fe5	sshd: move mikaela-prohibit-password.conf to broken/ Apparently OpenSSH only allows PasswordAuthentication yes within a Match block.	2021-02-02 14:12:43 +02:00
Mikaela Suomalainen	1be2720861	sshd: explicitly "terminate" Match blocks by Match All https://unix.stackexchange.com/a/303982/17126 & man sshd_config	2021-02-02 13:58:35 +02:00
Mikaela Suomalainen	3260950712	sshd/anoncvs.conf: vcs users shouldn't ever be asked for a password even if the system would allow that.	2021-02-02 13:06:04 +02:00
Mikaela Suomalainen	7ad17f8087	sshd/user-permit-password.conf: note on how to allow specific user to use passwords	2021-02-01 17:11:06 +02:00
Mikaela Suomalainen	1503367c86	sshd_config & ….d/README: note min version & date	2021-01-31 13:51:06 +02:00
Mikaela Suomalainen	f75bc7bd07	sshd/basic-security.conf: remove deprecated option > /etc/ssh/sshd_config.d/basic-security.conf line 24: Deprecated option UsePrivilegeSeparation OpenSSH_8.4p1, OpenSSL 1.1.1i FIPS 8 Dec 2020	2021-01-31 13:39:51 +02:00
Mikaela Suomalainen	0151bee9b0	sshd/mikaela-prohibit-password.conf: add AuthenticationMethods publickey	2021-01-30 22:15:51 +02:00
Mikaela Suomalainen	f1ea1e17d9	etc/ssh: rm copy	2021-01-30 21:35:05 +02:00
Mikaela Suomalainen	0572613d99	etc/ssh: cut sshd_config into multiple .confs	2021-01-30 21:31:38 +02:00
Mikaela Suomalainen	c5fa3daf29	sshd_config.d: read Mozilla docs & adjust accordingly https://infosec.mozilla.org/guidelines/openssh	2021-01-30 21:18:41 +02:00
Mikaela Suomalainen	5211fb772c	sshd_config.d: add anoncvs.conf	2021-01-30 21:00:06 +02:00
Mikaela Suomalainen	de3a0739b4	sshd_config.d: add mikaela-prohibit-password.conf Resolves: #88	2021-01-30 20:50:21 +02:00
Mikaela Suomalainen	a7c643bb7a	etc/sshd_config.d: add basic-security.conf Ref: 88	2021-01-30 20:47:21 +02:00
Mikaela Suomalainen	856085bd74	ssh_config: document ForwardAgent and ForwardX11... ...Previously they were no without explanation, but it never hurts to explicitly have comments on not doing that, I didn't quickly find anything nice for ForwardAgent, but I remember the Matrix.org people somehow avoiding hearing it and ForwardX11 first result was that StackExchange.	2020-05-22 14:36:26 +03:00
Mikaela Suomalainen	d8d48508bd	ssh_config: update comments, add Includes Resolves: #69	2020-05-22 14:29:37 +03:00
Mikaela Suomalainen	95bcf095df	VerifyHostKeyByDNS is supposed to be yes fix previous commit, I imagine I changed it by accident.	2019-05-11 00:58:00 +03:00
Mikaela Suomalainen	e634ee8863	ssh_config: update comment for VerifyHostKeyDNS OpenSSH is evil and gives you three not-optimal options to this: A) trust DNSSEC and don't write known_hosts B) ask whether to trust DNS, but don't bother telling me if it's signed C) don't even check SSHFP I see A) as the least evil, but I wish known_hosts was written. Alternatively B) should tell me whether there is DNSSEC or not, not only "matching keys found from DNS" or whatever it says always.	2019-05-09 18:44:36 +03:00
Mikaela Suomalainen	492cac7158	Revert "ssh_config: controlpersist auto instead of on" This reverts commit 330e8a80ad7bebe175e909842d2d3e70855b952e. I got complaining about bad value	2018-10-11 13:45:31 +03:00
Mikaela Suomalainen	330e8a80ad	ssh_config: controlpersist auto instead of on just in case that would be used for tracking and hoping that SSH is clever enough.	2018-10-07 21:12:08 +03:00
Mikaela Suomalainen	b8bda9cf49	ssh_config: use more private ControlPath	2018-10-07 20:54:41 +03:00
Mikaela Suomalainen	9a662594d2	Fix #87 (explain ssh_config UseRoaming no)	2016-01-14 20:37:51 +02:00
Mikaela Suomalainen	bbfb63dabd	unify the two ssh_config files (fix typos)	2016-01-14 16:59:18 +02:00
Mikaela Suomalainen	9d5db7ee3c	ssh_config: add "UseRoaming no" https://twitter.com/msfriedl/status/687635945642967040	2016-01-14 16:47:30 +02:00
Mikaela Suomalainen	d903ba5985	sshd_config: no instead of No Permitrootlogin had it for some reason and Jolla's sshd didn't like it.	2016-01-06 10:17:33 +02:00
Mikaela Suomalainen	c42ae8eb43	ssh: also send EDITOR	2015-09-12 11:45:42 +03:00
Mikaela Suomalainen	fdf8255372	ssh: send/accept also TZ TERM	2015-09-12 11:42:44 +03:00
Mikaela Suomalainen	0f00443a7b	sshd_config: mention the LC_ALL anyway my config files are horrible, too many comments.	2015-09-06 18:42:36 +03:00
Mikaela Suomalainen	96ca38818f	sshd_config: don't talk so much about locales	2015-09-06 18:40:02 +03:00
Mikaela Suomalainen	801e3e0941	sshd_config: AcceptEnv LANG, LANGUAGE LC_* but not LC_ALL and there is no asterisk, the varibles are allowed separately. It's very unlikely that someone invents a new locale type.	2015-09-06 18:36:48 +03:00
Mikaela Suomalainen	a3d5fbd9d7	sshd_config: http://serverfault.com/a/660325	2015-09-06 18:27:50 +03:00
Mikaela Suomalainen	a0352630fd	sshd_config: verbose logging of sftp	2015-09-06 17:37:34 +03:00
Mikaela Suomalainen	8d55bc53db	sshd_config: use internal sftp & fixes thanks again @grawity	2015-09-06 17:20:12 +03:00
Mikaela Suomalainen	c82b706942	fix 7470403158749d89ae645ff29e508ca652160b63 thanks @DarthGandalf and @grawity on #znc	2015-09-06 17:13:21 +03:00
Mikaela Suomalainen	7470403158	sshd_config: add Fedora & Gentoo sftp-server thanks Conjuro and @DarthGandalf on #znc	2015-09-06 17:09:55 +03:00
Mikaela Suomalainen	774346c8d0	fix sshd_config	2015-09-06 08:42:29 +03:00
Mikaela Suomalainen	68c6da5aec	ssh_config: fix comments	2015-09-06 08:15:17 +03:00
Mikaela Suomalainen	dc9f8b0ab5	sort sshd_config	2015-09-06 08:12:41 +03:00
Mikaela Suomalainen	c3f351d21f	sshd_config: add commented AcceptEnv and reason why it's commented, security, ShellShock worked with remotely sent environent variables even with restricted accounts.	2015-09-06 07:33:32 +03:00
Mikaela Suomalainen	90c86466dd	ssh_config: also sendenv LANGUAGE	2015-09-06 07:30:41 +03:00
Mikaela Suomalainen	6fc4b6a29b	ssh_config: add missing dot	2015-09-05 23:50:31 +03:00
Mikaela Suomalainen	28c2f0b8d8	ssh_config: SendEnv LANG LC_*	2015-09-05 23:46:00 +03:00
Mikaela Suomalainen	bd3ee60e61	ssh_config: fix paste fail	2015-09-02 08:33:02 +03:00
Mikaela Suomalainen	66f604a6dd	ssh_config: add UpdateHostKeys yes	2015-09-02 08:15:16 +03:00
Mikaela Suomalainen	c05b52354f	sshd_config: restore Client* I am sure I committed them already, but they have disappeared somewhere. Maybe I accidentally overwrote them.	2015-09-01 17:37:33 +03:00
Mikaela Suomalainen	888686ef48	etc/ssh/copy: add verbosity	2015-09-01 17:32:56 +03:00

1 2

61 Commits