# /etc/ssh/sshd_config.d/quire.conf
#
# Drop this file into sshd_config.d (or append to sshd_config).
# Forces all connections as the git user through quire exec.
# No port forwarding, agent forwarding, X11, or PTY — these are git/quire
# connections, not interactive shells.

Match User git
    AuthorizedKeysFile /home/git/.ssh/authorized_keys
    ForceCommand docker exec --interactive quire-container quire exec "$SSH_ORIGINAL_COMMAND"
    AllowTcpForwarding no
    AllowAgentForwarding no
    X11Forwarding no
    PermitTTY no