---
__sshd_service: ssh
__sshd_packages:
  - openssh-server
  - openssh-sftp-server
__sshd_config_mode: "0644"
__sshd_defaults:
  Port: 22
  Protocol: 2
  HostKey:
    - /etc/ssh/ssh_host_rsa_key
    - /etc/ssh/ssh_host_dsa_key
    - /etc/ssh/ssh_host_ecdsa_key
    - /etc/ssh/ssh_host_ed25519_key
  UsePrivilegeSeparation: true
  KeyRegenerationInterval: 3600
  ServerKeyBits: 1024
  SyslogFacility: AUTH
  LogLevel: INFO
  LoginGraceTime: 120
  PermitRootLogin: prohibit-password
  StrictModes: true
  RSAAuthentication: true
  PubkeyAuthentication: true
  AuthorizedKeysFile: "%h/.ssh/authorized_keys"
  IgnoreRhosts: true
  RhostsRSAAuthentication: false
  HostbasedAuthentication: false
  PermitEmptyPasswords: false
  ChallengeResponseAuthentication: false
  X11Forwarding: true
  X11DisplayOffset: 10
  PrintMotd: false
  PrintLastLog: true
  TCPKeepAlive: true
  AcceptEnv: LANG LC_*
  Subsystem: "sftp {{ __sshd_sftp_server }}"
  UsePAM: true
  UseDNS: false
__sshd_os_supported: true