# OpenSSH server configuration (managed by Ansible)
Port {{ ssh_port }}
Protocol 2
PermitRootLogin no
PasswordAuthentication no
ChallengeResponseAuthentication no
UsePAM yes
X11Forwarding no
AllowUsers {{ ssh_user }}
ClientAliveInterval 300
ClientAliveCountMax 2
LoginGraceTime 30
MaxAuthTries 3
AllowTcpForwarding no
PermitEmptyPasswords no
PrintMotd no
UseDNS no
Compression no