ListenAddress 0.0.0.0
PidFile /home/jingrow/jingrow-bench/config/ssh/sshd.pid
Port 2200


# Logging
LogLevel VERBOSE
SyslogFacility AUTH


# Authentication
PermitRootLogin no
StrictModes yes

AuthenticationMethods publickey
PubkeyAuthentication yes


# Disable Other Authentication Methods
ChallengeResponseAuthentication no
GSSAPIAuthentication no
HostbasedAuthentication no
KbdInteractiveAuthentication no
KerberosAuthentication no
PasswordAuthentication no
PermitEmptyPasswords no
UsePAM no


# Certificates
AuthorizedKeysFile none
TrustedUserCAKeys /home/jingrow/jingrow-bench/config/ssh/ca.pub
AuthorizedPrincipalsFile /home/jingrow/jingrow-bench/config/ssh/principals

HostKey /home/jingrow/jingrow-bench/config/ssh/ssh_host_rsa_key
HostCertificate /home/jingrow/jingrow-bench/config/ssh/ssh_host_rsa_key-cert.pub 


# Capability Limits
AllowAgentForwarding no
AllowStreamLocalForwarding no
AllowTcpForwarding no

GatewayPorts no

PermitListen none
PermitOpen none

PermitTunnel no
PermitUserEnvironment no
PermitUserRC no

PrintMotd no

X11Forwarding no
X11UseLocalhost yes


# Interactive Terminal
PermitTTY yes


# Rate Limit
LoginGraceTime 20
MaxAuthTries 3
MaxSessions 10
MaxStartups 10:30:100
