Add sshd_config to the bootstrap AIO process

This change is being done to ensure that we have a consistent and performant SSH configuration in place throughout all of our gates. Change-Id: I4b2da075400dd7abb9826e55bf14bf10b126b5df Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
2016-09-23 22:35:10 -05:00 · 2016-09-23 22:35:10 -05:00 · 1604bba1c8
commit 1604bba1c8
parent aa306a9ee6
1 changed files with 40 additions and 1 deletions
--- a/tests/bootstrap-aio.yml
+++ b/tests/bootstrap-aio.yml
@ -35,4 +35,43 @@
          - name: neutron.yml.aio
          - name: nova.yml.aio
          - name: swift.yml.aio
-
+  vars:
+    sshd:
+      ListenAddress:
+        - 0.0.0.0
+        - '::'
+      Port: 22
+      Protocol: 2
+      HostKey:
+        - "/etc/ssh/ssh_host_rsa_key"
+        - "/etc/ssh/ssh_host_ecdsa_key"
+        - "/etc/ssh/ssh_host_ed25519_key"
+      UsePrivilegeSeparation: yes
+      KeyRegenerationInterval: 3600
+      ServerKeyBits: 1024
+      SyslogFacility: "AUTH"
+      LogLevel: "INFO"
+      LoginGraceTime: 120
+      StrictModes: yes
+      RSAAuthentication: yes
+      PubkeyAuthentication: yes
+      IgnoreRhosts: yes
+      RhostsRSAAuthentication: no
+      HostbasedAuthentication: no
+      PermitEmptyPasswords: no
+      PermitRootLogin: yes
+      ChallengeResponseAuthentication: no
+      PasswordAuthentication: no
+      X11DisplayOffset: 10
+      PrintMotd: no
+      PrintLastLog: no
+      TCPKeepAlive: yes
+      AcceptEnv: "LANG LC_*"
+      Subsystem: "sftp /usr/lib/openssh/sftp-server"
+      UsePAM: yes
+      UseDNS: no
+      X11Forwarding: no
+      Compression: yes
+      CompressionLevel: 6
+      MaxSessions: 100
+      MaxStartups: "100:100:100"