# Inspiration:
# https://ubuntuforums.org/showthread.php?t=831372

# Logging Configuration
SyslogFacility AUTH
LogLevel INFO

# Root is the only user allowed to login
AllowUsers root

# Allow TCP Forwarding: required by vs code remote development: 
# https://code.visualstudio.com/docs/remote/troubleshooting#_enabling-alternate-ssh-authentication-methods
AllowTcpForwarding yes

# Allow transfer of user environment variables
PermitUserEnvironment yes

# Alive Interval will make SSH connection more stable 
ClientAliveInterval 60
ClientAliveCountMax 10

# Allow Remote Port forwarding to an address other than localhost
# https://askubuntu.com/questions/50064/reverse-port-tunnelling
GatewayPorts clientspecified

# Only allow key-based authentication -> higher security
PasswordAuthentication no
ChallengeResponseAuthentication no
GSSAPIAuthentication no
IgnoreRhosts yes
HostbasedAuthentication no
IgnoreUserKnownHosts yes
UsePAM no

# Activate SFTP server
Subsystem sftp internal-sftp

# Allow SSH-Agent Forwarding
AllowAgentForwarding yes

# Activate X11 Forwarding (GUI Access)  
X11Forwarding yes
X11UseLocalhost no
X11DisplayOffset 10

# Disable permissions checks on keyfiles and directories
StrictModes no
