46 lines
1.1 KiB
Markdown
46 lines
1.1 KiB
Markdown
# SSH Server Configuration (sshd)
|
|
|
|
|
|
## Extra Configuration
|
|
Custom configration to the sshd config file can be added via the `ssh_server::extra_config` key. The config will be added at the end of the `/etc/ssh/sshd_config` file.
|
|
|
|
### Force Command
|
|
|
|
To configure a force command use:
|
|
```yaml
|
|
# add force command
|
|
ssh_server::extra_config:
|
|
'Force command for non root users': |
|
|
Match User *,!root
|
|
ForceCommand /usr/bin/kpasswd
|
|
|
|
```
|
|
|
|
## Login Banner
|
|
A login banner can be configured as follows:
|
|
|
|
```yaml
|
|
# custom banner message on ssh login-prompt
|
|
|
|
ssh_server::banner_file: '/etc/sshgw/sshd_message'
|
|
|
|
files::files:
|
|
/etc/sshgw/sshd_message:
|
|
mode: '0644'
|
|
owner: 'root'
|
|
content: |
|
|
----
|
|
|
|
PAUL SCHERRER INSTITUTE
|
|
________________
|
|
| __ | ____| |
|
|
| ____|____ | |
|
|
|_| |______|__|
|
|
|
|
----
|
|
|
|
```
|
|
|
|
## SFTP Server
|
|
How to enable/disable and configure a sftp server please refer to the [SFTP Server](../files/sftp_server) guide.
|