Customize SSHD config

Add options to customize SSHD config:

PermitRootLogin > --ssh-permit-root= yes | without-password | no

PasswordAuthentication > --ssh-password-auth= yes | no

Port --ssh-port= port number between 1 and --ssh-harden > hardens config with these options:

HostKey /etc/ssh/ssh_host_ed25519_key
KexAlgorithms curve25519-sha256@libssh.org
Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com
PermitEmptyPasswords no
X11Forwarding no

So it would look like this:

/etc/ssh/sshd_config.d/custom.conf:

# Generated by the ISPConfig autoinstaller on 01-01-1990
Port 2202
PermitRootLogin without-password
PasswordAuthentication no
HostKey /etc/ssh/ssh_host_ed25519_key
KexAlgorithms curve25519-sha256@libssh.org
Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com
PermitEmptyPasswords no
X11Forwarding no

Edited Sep 22, 2022 by Thom

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information