# SSH options used for user sessions
# max_session_ttl defines the TTL (time to live) of SSH certificates
# issued to the users with this role.
# allow section declares a list of resource/verb combinations that are
# allowed for the users of this role. by default nothing is allowed.