Versions Compared

Old Version 7

changes.mady.by.user Matīss O.

Saved on

compared with

New Version 8

changes.mady.by.user Matīss O.

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

PropertyDescription
allow-none-crypto (yes|no; Default: no)Whether to allow connection if cryptographic algorithms are set to none.
always-allow-password-login (yes | no; Default: no)Whether to allow password login at the same time when public key authorization is configured for a user.
forwarding-enabled (both | local | no | remote; Default: no)Allows to control which SSH forwarding method to allow:
  • no - SSH forwarding is disabled;
  • local - Allow SSH clients to originate connections from the server(router), this setting controls also dynamic forwarding;
  • remote - Allow SSH clients to listen on the server(router) and forward incoming connections;
  • both - Allow both local and remote forwarding methods.
host-key-size (1024 | 1536 | 2048 | 4096 | 8192; Default: 2048)RSA key size when host key is being regenerated.
host-key-type (ed25519 | rsa; Default: rsa)Select host key type
strong-crypto (yes | no; Default: no)Use stronger encryption, HMAC algorithms, use bigger DH primes and disallow weaker ones:
  • use 256 and 192 bit encryption instead of 128 bits;
  • disable null encryption;
  • use sha256 for hashing instead of sha1;
  • disable md5;
  • use 2048bit prime for Diffie Hellman exchange instead of 1024bit.

...