# SSH 설정 - TSID PIN 인증 전용
# 접속 방법: ssh tsid@서버IP
# PIN 입력 -> PAM 인증 -> imsi-user 생성/조회 -> 로그인

Port 22
Protocol 2

# 인증 설정
UsePAM yes
PasswordAuthentication no
KbdInteractiveAuthentication yes
ChallengeResponseAuthentication yes
PubkeyAuthentication no

PermitRootLogin yes
PermitEmptyPasswords yes

# 보안 설정
X11Forwarding no
PrintMotd no
PrintLastLog no
TCPKeepAlive yes

# 로그 설정
SyslogFacility AUTH
LogLevel INFO

# 키 교환
KexAlgorithms ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521
Ciphers aes128-ctr,aes192-ctr,aes256-ctr
MACs hmac-sha2-256,hmac-sha2-512
