projects / mirror / dsa-puppet.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
acker -> conova-node02
[mirror/dsa-puppet.git] / modules / ssh / templates / sshd_config.erb
diff --git a/modules/ssh/templates/sshd_config.erb b/modules/ssh/templates/sshd_config.erb
index b0e690f..9b49f2f 100644 (file)
--- a/modules/ssh/templates/sshd_config.erb
+++ b/modules/ssh/templates/sshd_config.erb
@@ -85,3 +85,9 @@ UsePAM yes
 AuthorizedKeysFile /etc/ssh/userkeys/%u /var/lib/misc/userkeys/%u /etc/ssh/userkeys/%u.more
 
 PasswordAuthentication no
+
+Match Group sftponly
+  AllowStreamLocalForwarding no
+  AllowTCPForwarding no
+  X11Forwarding no
+  ForceCommand internal-sftp
Unnamed repository; edit this file 'description' to name the repository.