.\" Man page generated from reStructuredText. . .TH "CDIST-TYPE__SSHD_CONFIG" "7" "Feb 07, 2021" "6.9.4" "cdist" . .nr rst2man-indent-level 0 . .de1 rstReportMargin \\$1 \\n[an-margin] level \\n[rst2man-indent-level] level margin: \\n[rst2man-indent\\n[rst2man-indent-level]] - \\n[rst2man-indent0] \\n[rst2man-indent1] \\n[rst2man-indent2] .. .de1 INDENT .\" .rstReportMargin pre: . RS \\$1 . nr rst2man-indent\\n[rst2man-indent-level] \\n[an-margin] . nr rst2man-indent-level +1 .\" .rstReportMargin post: .. .de UNINDENT . RE .\" indent \\n[an-margin] .\" old: \\n[rst2man-indent\\n[rst2man-indent-level]] .nr rst2man-indent-level -1 .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] .in \\n[rst2man-indent\\n[rst2man-indent-level]]u .. .SH NAME .sp cdist\-type__sshd_config \- Manage options in sshd_config .SH DESCRIPTION .sp This space intentionally left blank. .SH REQUIRED PARAMETERS .sp None. .SH OPTIONAL PARAMETERS .INDENT 0.0 .TP .B file The path to the sshd_config file to edit. Defaults to \fB/etc/ssh/sshd_config\fP\&. .TP .B match Restrict this option to apply only for certain connections. Allowed values are what would be allowed to be written after a \fBMatch\fP keyword in \fBsshd_config\fP, e.g. \fB\-\-match \(aqUser anoncvs\(aq\fP\&. .sp Can be used multiple times. All of the values are ANDed together. .TP .B option The name of the option to manipulate. Defaults to \fB__object_id\fP\&. .TP .B state Can be: .INDENT 7.0 .IP \(bu 2 \fBpresent\fP: ensure a matching config line is present (or the default value). .IP \(bu 2 \fBabsent\fP: ensure no matching config line is present. .UNINDENT .TP .B value The option\(aqs value to be assigned to the option (if \fB\-\-state present\fP) or removed (if \fB\-\-state absent\fP). .sp This option is required if \fB\-\-state present\fP\&. If not specified and \fB\-\-state absent\fP, all values for the given option are removed. .UNINDENT .SH BOOLEAN PARAMETERS .sp None. .SH EXAMPLES .INDENT 0.0 .INDENT 3.5 .sp .nf .ft C # Disallow root logins with password __sshd_config PermitRootLogin \-\-value without\-password # Disallow password\-based authentication __sshd_config PasswordAuthentication \-\-value no # Accept the EDITOR environment variable __sshd_config AcceptEnv:EDITOR \-\-option AcceptEnv \-\-value EDITOR # Force command for connections as git user __sshd_config git@ForceCommand \-\-match \(aqUser git\(aq \-\-option ForceCommand \e \-\-value \(aqcd ~git && exec git\-shell ${SSH_ORIGINAL_COMMAND:+\-c "${SSH_ORIGINAL_COMMAND}"}\(aq .ft P .fi .UNINDENT .UNINDENT .SH SEE ALSO .sp \fBsshd_config\fP(5) .SH BUGS .INDENT 0.0 .IP \(bu 2 This type assumes a nicely formatted config file, i.e. no config options spanning multiple lines. .IP \(bu 2 \fBInclude\fP directives are ignored. .IP \(bu 2 Config options are not added/removed to/from the config file if their value is the default value. .UNINDENT .SH AUTHORS .sp Dennis Camera <\fI\%dennis.camera\-\-@\-\-ssrq\-sds\-fds.ch\fP> .SH COPYING .sp Copyright (C) 2020 Dennis Camera. You can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. .SH COPYRIGHT ungleich GmbH 2020 .\" Generated by docutils manpage writer. .