...
The parameters we change:
- AcceptEnv commented out. This ensures no unexpected side effects from having especially non-standard locale variables.
- AllowUsers tightens security. We set this to root and add others as the need arises.
- GSSAPIAuthentication no turns off several authentication methods which are not needed when using private/public keys or passwords. Reference: http://en.wikipedia.org/wiki/Generic_Security_Services_Application_Program_Interface
- PasswordAuthentication no or without-password disables login via password.
- PermitRootLogin no or without-password disables login via password. We always use without-password, sometimes globally and sometimes within Match Address conditional section(s).
- UsePrivilegeSeparation yes allows ssh to function in lxc containers . In LXCs only (otherwise we use the as-installed no). Otherwise ssh does not work.
- UsePAM no avoids messages like "PAM service(sshd) ignoring max retries; 6 > 3".
The message is caused by PAM's compiled-in retry limit being less than sshd's. - UseDNS no disables reverse DNS lookups to see if your hostname matches the IP address you are connecting from. Does not make sense with dynamic IP addresses.
...
Sometimes this is not convenient because several commands are to be run. A solution is to specify a script in authorized_keys and for the script to validate the commands. For example (old version of bung's validate_ssh_cmd.sh):
#!/bin/bash
# Purpose: validates the command a remote host is attempting to execute by ss
...