From 01f991ac8802b32a5ad38dd12d44ee93232e97fd Mon Sep 17 00:00:00 2001 From: Anders Eurenius Runvald Date: Wed, 14 Oct 2020 19:01:11 +0200 Subject: [PATCH] Update sshd_config (#13143) Afaik, adding these lines does nothing unless the file(s) are present. Having them in let's admins supply certs instead of relying on TOFU. Co-authored-by: zeripath --- docker/root/etc/templates/sshd_config | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/docker/root/etc/templates/sshd_config b/docker/root/etc/templates/sshd_config index 82a9c0221ea9..26e26feb4127 100644 --- a/docker/root/etc/templates/sshd_config +++ b/docker/root/etc/templates/sshd_config @@ -8,9 +8,13 @@ ListenAddress :: LogLevel INFO HostKey /data/ssh/ssh_host_ed25519_key +HostCertificate /data/ssh/ssh_host_ed25519_cert HostKey /data/ssh/ssh_host_rsa_key +HostCertificate /data/ssh/ssh_host_rsa_cert HostKey /data/ssh/ssh_host_ecdsa_key +HostCertificate /data/ssh/ssh_host_ecdsa_cert HostKey /data/ssh/ssh_host_dsa_key +HostCertificate /data/ssh/ssh_host_dsa_cert AuthorizedKeysFile .ssh/authorized_keys AuthorizedPrincipalsFile .ssh/authorized_principals