From 08504ae394a90789135dcfaeae29a57955dc0705 Mon Sep 17 00:00:00 2001
From: Wilfried OLLIVIER <wollivier@fdn.fr>
Date: Mon, 8 Mar 2021 09:51:59 +0100
Subject: [PATCH] Remove deprecated options in SSH config

---
 templates/sshd_config.j2 | 9 ---------
 1 file changed, 9 deletions(-)

diff --git a/templates/sshd_config.j2 b/templates/sshd_config.j2
index ffb9522..8b80c41 100644
--- a/templates/sshd_config.j2
+++ b/templates/sshd_config.j2
@@ -11,12 +11,6 @@ Protocol 2
 HostKey /etc/ssh/ssh_host_rsa_key
 HostKey /etc/ssh/ssh_host_dsa_key
 HostKey /etc/ssh/ssh_host_ecdsa_key
-#Privilege Separation is turned on for security
-UsePrivilegeSeparation yes
-
-# Lifetime and size of ephemeral version 1 server key
-KeyRegenerationInterval 3600
-ServerKeyBits 768
 
 # Logging
 SyslogFacility AUTH
@@ -27,14 +21,11 @@ LoginGraceTime 120
 PermitRootLogin without-password
 StrictModes yes
 
-RSAAuthentication yes
 PubkeyAuthentication yes
 AuthorizedKeysFile	%h/.ssh/authorized_keys
 
 # Don't read the user's ~/.rhosts and ~/.shosts files
 IgnoreRhosts yes
-# For this to work you will also need host keys in /etc/ssh_known_hosts
-RhostsRSAAuthentication no
 # similar for protocol version 2
 HostbasedAuthentication no
 # Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication