# Note that while many of these are the defaults, this file is loaded after
# other drop-in configuration files, and so ensures that the defaults are still
# the defaults.

# Authentication
#   Dis-allow password authentication [Default: yes]
#   Dis-allow root login [Default: prohibit-password]
#   Dis-allow empty password login attempts [Default: no]
#   Disable keyboard-interactive authentication [Default: yes]
PasswordAuthentication no
PermitRootLogin no
PermitEmptyPasswords no
KbdInteractiveAuthentication no

# Enable PAM ("If UsePAM is enabled, you will not be able to run sshd as a
# non-root user" -- handy!) [Default: no]
# WARNING: 'UsePAM no' is not supported in RHEL and may cause several problems
UsePAM yes

# Disable X11 Forwarding [Default: no]
X11Forwarding no

ClientAliveInterval 300
ClientAliveCountMax 2

# Restrict to only NibTech logins
AllowGroups nibtech