# Security, we only want public key login for users and NOT for users root,git PermitRootLogin no PasswordAuthentication no PubkeyAuthentication yes AuthenticationMethods publickey KbdInteractiveAuthentication no ChallengeResponseAuthentication no PermitTTY no AllowAgentForwarding no # Point keys to shared data dir to avoid regenerating them each time HostKey /var/ssh/etc/ssh/ssh_host_rsa_key HostKey /var/ssh/etc/ssh/ssh_host_ecdsa_key HostKey /var/ssh/etc/ssh/ssh_host_ed25519_key # Logging SyslogFacility AUTH LogLevel INFO # Force run script that checks for permissions and runs sudo ForceCommand /usr/local/bin/git-run "$SSH_ORIGINAL_COMMAND" # git user has access to EVERYTHING. no login should be possible DenyUsers git