From 2f93e605a592ad39dfe0ef04bf76eb315ea6a727 Mon Sep 17 00:00:00 2001
From: Xiao Pan <gky44px1999@gmail.com>
Date: Mon, 31 Jul 2023 20:18:11 -0700
Subject: sshd_config use `AuthenticationMethods publickey` for redundancy,
 think about what if they changed some defaults auth method from no to yes

---
 etc/ssh/sshd_config | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'etc')

diff --git a/etc/ssh/sshd_config b/etc/ssh/sshd_config
index fb66c21d..f66c0efd 100644
--- a/etc/ssh/sshd_config
+++ b/etc/ssh/sshd_config
@@ -114,3 +114,7 @@ Subsystem	sftp	/usr/lib/ssh/sftp-server
 #	AllowTcpForwarding no
 #	PermitTTY no
 #	ForceCommand cvs server
+
+# Based on manpage, setting PasswordAuthentication no, and default KbdInteractiveAuthentication no, with other defaults seems already equivalent to AuthenticationMethods publickey, but I still put it here for redundancy.
+# https://wiki.archlinux.org/title/OpenSSH#Force_public_key_authentication
+AuthenticationMethods publickey
-- 
cgit v1.2.3-70-g09d2