{% if security_sshd_disallow_empty_password | bool %}
# V-71939 / RHEL-07-010440
PermitEmptyPasswords no
{% endif %}
{% if security_sshd_disallow_environment_override | bool %}
# V-71957
PermitUserEnvironment no
{% endif %}
{% if security_sshd_disallow_host_based_auth | bool %}
# V-71959
HostbasedAuthentication no
{% endif %}
# V-72221
Ciphers {{ security_sshd_cipher_list }}
# V-72225
Banner {{ security_sshd_banner_file }}
# V-72237
ClientAliveInterval {{ security_sshd_client_alive_interval }}
# V-72241
ClientAliveCountMax {{ security_sshd_client_alive_count_max }}
{% if security_sshd_print_last_log | bool %}
# V-72245
PrintLastLog yes
{% endif %}
{% if not (security_sshd_permit_root_login | bool) %}
# V-72247
PermitRootLogin no
{% endif %}
{% if security_sshd_disallow_known_hosts_auth | bool %}
# V-72249 / V-72239
IgnoreUserKnownHosts yes
{% endif %}
{% if security_sshd_disallow_rhosts_auth | bool %}
# V-72243
IgnoreRhosts yes
{% endif %}
{% if security_sshd_enable_x11_forwarding | bool %}
# V-72303
X11Forwarding yes
{% endif %}
# V-72251
Protocol {{ security_sshd_protocol }}
# V-72253
MACs {{security_sshd_allowed_macs }}
{% if security_sshd_enable_privilege_separation | bool %}
# V-72265
UsePrivilegeSeparation sandbox
{% endif %}
# V-72267
Compression {{ security_sshd_compression }}
{% if security_sshd_disable_kerberos_auth | bool %}
# V-72261
KerberosAuthentication no
{% endif %}
{% if security_sshd_enable_strict_modes| bool %}
# V-72263
StrictModes yes
{% endif %}