#
# !!! This file is managed by Ansible !!!
#

Port {{ services.openssh.port | default(22) }}

{% if services.openssh.permitRootLogin is true %}
PermitRootLogin prohibit-password
{% else %}
PermitRootLogin no
{% endif %}

{% if services.openssh.passwordAuthentication is true %}
PasswordAuthentication yes
{% else %}
PasswordAuthentication no
{% endif %}

AuthorizedKeysFile	.ssh/authorized_keys

ChallengeResponseAuthentication no

UsePAM yes

Subsystem	sftp	/usr/lib/ssh/sftp-server

{% if services.openssh.extraConfig is defined %}
{{ services.openssh.extraConfig }}
{% endif %}