ssh_config: Fix indentation mangled by Vim

author Peter Müller <peter.mueller@ipfire.org>

Sun, 28 Sep 2025 21:06:00 +0000 (21:06 +0000)

committer Michael Tremer <michael.tremer@ipfire.org>

Tue, 30 Sep 2025 08:55:53 +0000 (08:55 +0000)
author Peter Müller <peter.mueller@ipfire.org>
Sun, 28 Sep 2025 21:06:00 +0000 (21:06 +0000)
committer Michael Tremer <michael.tremer@ipfire.org>
Tue, 30 Sep 2025 08:55:53 +0000 (08:55 +0000)
diff --git a/config/ssh/ssh_config b/config/ssh/ssh_config

index 2fc62e116d0205d37283226a5f143ae0ac1d2bfa..66cb0c2ccd47625d5e9ba657b3e521ffa1a30ef7 100644 (file)
--- a/config/ssh/ssh_config
+++ b/config/ssh/ssh_config
@@ -5,30 +5,30 @@
  
  # Set some basic hardening options for all connections
  Host *
-        # Disable undocumented roaming feature as it is known to be vulnerable
-        UseRoaming no
+       # Disable undocumented roaming feature as it is known to be vulnerable
+       UseRoaming no
  
-        # Only use secure crypto algorithms
-               KexAlgorithms mlkem768x25519-sha256,sntrup761x25519-sha512,sntrup761x25519-sha512@openssh.com,curve25519-sha256,curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256
-        Ciphers aes256-gcm@openssh.com,aes128-gcm@openssh.com,chacha20-poly1305@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
-        MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com
+       # Only use secure crypto algorithms
+       KexAlgorithms mlkem768x25519-sha256,sntrup761x25519-sha512,sntrup761x25519-sha512@openssh.com,curve25519-sha256,curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256
+       Ciphers aes256-gcm@openssh.com,aes128-gcm@openssh.com,chacha20-poly1305@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
+       MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com
  
-        # Always visualise server host keys (helps to identify key based MITM attacks)
-        VisualHostKey yes
+       # Always visualise server host keys (helps to identify key based MITM attacks)
+       VisualHostKey yes
  
-        # Use SSHFP (might work on some up-to-date networks) to look up host keys
-        VerifyHostKeyDNS yes
+       # Use SSHFP (might work on some up-to-date networks) to look up host keys
+       VerifyHostKeyDNS yes
  
-        # Send SSH-based keep alive messages to connected server to avoid broken connections
-        ServerAliveInterval 10
-        ServerAliveCountMax 30
+       # Send SSH-based keep alive messages to connected server to avoid broken connections
+       ServerAliveInterval 10
+       ServerAliveCountMax 30
  
         # Disable TCP keep alive messages since they can be spoofed and we have SSH-based
         # keep alive messages enabled; there is no need to do things twice here
         TCPKeepAlive no
  
-        # Ensure only allowed authentication methods are used
-        PreferredAuthentications publickey,keyboard-interactive,password
+       # Ensure only allowed authentication methods are used
+       PreferredAuthentications publickey,keyboard-interactive,password
  
         # Prevent information leak by hashing ~/.ssh/known_hosts
         HashKnownHosts yes
author	Peter Müller <peter.mueller@ipfire.org>
	Sun, 28 Sep 2025 21:06:00 +0000 (21:06 +0000)
committer	Michael Tremer <michael.tremer@ipfire.org>
	Tue, 30 Sep 2025 08:55:53 +0000 (08:55 +0000)