1 SSHD_CONFIG(5) OpenBSD Programmer's Manual SSHD_CONFIG(5)
4 sshd_config - OpenSSH SSH daemon configuration file
10 sshd(8) reads configuration data from /etc/ssh/sshd_config (or the file
11 specified with -f on the command line). The file contains keyword-argu-
12 ment pairs, one per line. Lines starting with `#' and empty lines are
13 interpreted as comments. Arguments may optionally be enclosed in double
14 quotes (") in order to represent arguments containing spaces.
16 The possible keywords and their meanings are as follows (note that key-
17 words are case-insensitive and arguments are case-sensitive):
20 Specifies what environment variables sent by the client will be
21 copied into the session's environ(7). See SendEnv in
22 ssh_config(5) for how to configure the client. Note that envi-
23 ronment passing is only supported for protocol 2. Variables are
24 specified by name, which may contain the wildcard characters `*'
25 and `?'. Multiple environment variables may be separated by
26 whitespace or spread across multiple AcceptEnv directives. Be
27 warned that some environment variables could be used to bypass
28 restricted user environments. For this reason, care should be
29 taken in the use of this directive. The default is not to accept
30 any environment variables.
33 Specifies which address family should be used by sshd(8). Valid
34 arguments are ``any'', ``inet'' (use IPv4 only), or ``inet6''
35 (use IPv6 only). The default is ``any''.
38 This keyword can be followed by a list of group name patterns,
39 separated by spaces. If specified, login is allowed only for
40 users whose primary group or supplementary group list matches one
41 of the patterns. Only group names are valid; a numerical group
42 ID is not recognized. By default, login is allowed for all
43 groups. The allow/deny directives are processed in the following
44 order: DenyUsers, AllowUsers, DenyGroups, and finally
47 See PATTERNS in ssh_config(5) for more information on patterns.
50 Specifies whether TCP forwarding is permitted. The default is
51 ``yes''. Note that disabling TCP forwarding does not improve se-
52 curity unless users are also denied shell access, as they can al-
53 ways install their own forwarders.
56 This keyword can be followed by a list of user name patterns,
57 separated by spaces. If specified, login is allowed only for us-
58 er names that match one of the patterns. Only user names are
59 valid; a numerical user ID is not recognized. By default, login
60 is allowed for all users. If the pattern takes the form US-
61 ER@HOST then USER and HOST are separately checked, restricting
62 logins to particular users from particular hosts. The allow/deny
63 directives are processed in the following order: DenyUsers,
64 AllowUsers, DenyGroups, and finally AllowGroups.
66 See PATTERNS in ssh_config(5) for more information on patterns.
69 Specifies the file that contains the public keys that can be used
70 for user authentication. AuthorizedKeysFile may contain tokens
71 of the form %T which are substituted during connection setup.
72 The following tokens are defined: %% is replaced by a literal
73 '%', %h is replaced by the home directory of the user being au-
74 thenticated, and %u is replaced by the username of that user.
75 After expansion, AuthorizedKeysFile is taken to be an absolute
76 path or one relative to the user's home directory. The default
77 is ``.ssh/authorized_keys''.
79 Banner In some jurisdictions, sending a warning message before authenti-
80 cation may be relevant for getting legal protection. The con-
81 tents of the specified file are sent to the remote user before
82 authentication is allowed. This option is only available for
83 protocol version 2. By default, no banner is displayed.
85 ChallengeResponseAuthentication
86 Specifies whether challenge-response authentication is allowed.
87 All authentication styles from login.conf(5) are supported. The
91 Specifies the ciphers allowed for protocol version 2. Multiple
92 ciphers must be comma-separated. The supported ciphers are
93 ``3des-cbc'', ``aes128-cbc'', ``aes192-cbc'', ``aes256-cbc'',
94 ``aes128-ctr'', ``aes192-ctr'', ``aes256-ctr'', ``arcfour128'',
95 ``arcfour256'', ``arcfour'', ``blowfish-cbc'', and
96 ``cast128-cbc''. The default is:
98 aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,
99 arcfour256,arcfour,aes192-cbc,aes256-cbc,aes128-ctr,
100 aes192-ctr,aes256-ctr
103 Sets the number of client alive messages (see below) which may be
104 sent without sshd(8) receiving any messages back from the client.
105 If this threshold is reached while client alive messages are be-
106 ing sent, sshd will disconnect the client, terminating the ses-
107 sion. It is important to note that the use of client alive mes-
108 sages is very different from TCPKeepAlive (below). The client
109 alive messages are sent through the encrypted channel and there-
110 fore will not be spoofable. The TCP keepalive option enabled by
111 TCPKeepAlive is spoofable. The client alive mechanism is valu-
112 able when the client or server depend on knowing when a connec-
113 tion has become inactive.
115 The default value is 3. If ClientAliveInterval (see below) is
116 set to 15, and ClientAliveCountMax is left at the default, unre-
117 sponsive SSH clients will be disconnected after approximately 45
118 seconds. This option applies to protocol version 2 only.
121 Sets a timeout interval in seconds after which if no data has
122 been received from the client, sshd(8) will send a message
123 through the encrypted channel to request a response from the
124 client. The default is 0, indicating that these messages will
125 not be sent to the client. This option applies to protocol ver-
129 Specifies whether compression is allowed, or delayed until the
130 user has authenticated successfully. The argument must be
131 ``yes'', ``delayed'', or ``no''. The default is ``delayed''.
134 This keyword can be followed by a list of group name patterns,
135 separated by spaces. Login is disallowed for users whose primary
136 group or supplementary group list matches one of the patterns.
137 Only group names are valid; a numerical group ID is not recog-
138 nized. By default, login is allowed for all groups. The al-
139 low/deny directives are processed in the following order:
140 DenyUsers, AllowUsers, DenyGroups, and finally AllowGroups.
142 See PATTERNS in ssh_config(5) for more information on patterns.
145 This keyword can be followed by a list of user name patterns,
146 separated by spaces. Login is disallowed for user names that
147 match one of the patterns. Only user names are valid; a numeri-
148 cal user ID is not recognized. By default, login is allowed for
149 all users. If the pattern takes the form USER@HOST then USER and
150 HOST are separately checked, restricting logins to particular
151 users from particular hosts. The allow/deny directives are pro-
152 cessed in the following order: DenyUsers, AllowUsers, DenyGroups,
153 and finally AllowGroups.
155 See PATTERNS in ssh_config(5) for more information on patterns.
158 Forces the execution of the command specified by ForceCommand,
159 ignoring any command supplied by the client. The command is in-
160 voked by using the user's login shell with the -c option. This
161 applies to shell, command, or subsystem execution. It is most
162 useful inside a Match block. The command originally supplied by
163 the client is available in the SSH_ORIGINAL_COMMAND environment
167 Specifies whether remote hosts are allowed to connect to ports
168 forwarded for the client. By default, sshd(8) binds remote port
169 forwardings to the loopback address. This prevents other remote
170 hosts from connecting to forwarded ports. GatewayPorts can be
171 used to specify that sshd should allow remote port forwardings to
172 bind to non-loopback addresses, thus allowing other hosts to con-
173 nect. The argument may be ``no'' to force remote port forward-
174 ings to be available to the local host only, ``yes'' to force re-
175 mote port forwardings to bind to the wildcard address, or
176 ``clientspecified'' to allow the client to select the address to
177 which the forwarding is bound. The default is ``no''.
180 Specifies whether user authentication based on GSSAPI is allowed.
181 The default is ``no''. Note that this option applies to protocol
184 GSSAPICleanupCredentials
185 Specifies whether to automatically destroy the user's credentials
186 cache on logout. The default is ``yes''. Note that this option
187 applies to protocol version 2 only.
189 HostbasedAuthentication
190 Specifies whether rhosts or /etc/hosts.equiv authentication to-
191 gether with successful public key client host authentication is
192 allowed (host-based authentication). This option is similar to
193 RhostsRSAAuthentication and applies to protocol version 2 only.
194 The default is ``no''.
196 HostbasedUsesNameFromPacketOnly
197 Specifies whether or not the server will attempt to perform a re-
198 verse name lookup when matching the name in the ~/.shosts,
199 ~/.rhosts, and /etc/hosts.equiv files during
200 HostbasedAuthentication. A setting of ``yes'' means that sshd(8)
201 uses the name supplied by the client rather than attempting to
202 resolve the name from the TCP connection itself. The default is
206 Specifies a file containing a private host key used by SSH. The
207 default is /etc/ssh/ssh_host_key for protocol version 1, and
208 /etc/ssh/ssh_host_rsa_key and /etc/ssh/ssh_host_dsa_key for pro-
209 tocol version 2. Note that sshd(8) will refuse to use a file if
210 it is group/world-accessible. It is possible to have multiple
211 host key files. ``rsa1'' keys are used for version 1 and ``dsa''
212 or ``rsa'' are used for version 2 of the SSH protocol.
215 Specifies that .rhosts and .shosts files will not be used in
216 RhostsRSAAuthentication or HostbasedAuthentication.
218 /etc/hosts.equiv and /etc/shosts.equiv are still used. The de-
222 Specifies whether sshd(8) should ignore the user's
223 ~/.ssh/known_hosts during RhostsRSAAuthentication or
224 HostbasedAuthentication. The default is ``no''.
226 KerberosAuthentication
227 Specifies whether the password provided by the user for
228 PasswordAuthentication will be validated through the Kerberos
229 KDC. To use this option, the server needs a Kerberos servtab
230 which allows the verification of the KDC's identity. The default
234 If AFS is active and the user has a Kerberos 5 TGT, attempt to
235 acquire an AFS token before accessing the user's home directory.
236 The default is ``no''.
238 KerberosOrLocalPasswd
239 If password authentication through Kerberos fails then the pass-
240 word will be validated via any additional local mechanism such as
241 /etc/passwd. The default is ``yes''.
243 KerberosTicketCleanup
244 Specifies whether to automatically destroy the user's ticket
245 cache file on logout. The default is ``yes''.
247 KeyRegenerationInterval
248 In protocol version 1, the ephemeral server key is automatically
249 regenerated after this many seconds (if it has been used). The
250 purpose of regeneration is to prevent decrypting captured ses-
251 sions by later breaking into the machine and stealing the keys.
252 The key is never stored anywhere. If the value is 0, the key is
253 never regenerated. The default is 3600 (seconds).
256 Specifies the local addresses sshd(8) should listen on. The fol-
257 lowing forms may be used:
259 ListenAddress host|IPv4_addr|IPv6_addr
260 ListenAddress host|IPv4_addr:port
261 ListenAddress [host|IPv6_addr]:port
263 If port is not specified, sshd will listen on the address and all
264 prior Port options specified. The default is to listen on all
265 local addresses. Multiple ListenAddress options are permitted.
266 Additionally, any Port options must precede this option for non-
267 port qualified addresses.
270 The server disconnects after this time if the user has not suc-
271 cessfully logged in. If the value is 0, there is no time limit.
272 The default is 120 seconds.
275 Gives the verbosity level that is used when logging messages from
276 sshd(8). The possible values are: QUIET, FATAL, ERROR, INFO,
277 VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3. The default is INFO.
278 DEBUG and DEBUG1 are equivalent. DEBUG2 and DEBUG3 each specify
279 higher levels of debugging output. Logging with a DEBUG level
280 violates the privacy of users and is not recommended.
282 MACs Specifies the available MAC (message authentication code) algo-
283 rithms. The MAC algorithm is used in protocol version 2 for data
284 integrity protection. Multiple algorithms must be comma-separat-
285 ed. The default is: ``hmac-md5,hmac-sha1,hmac-ripemd160,hmac-
286 sha1-96,hmac-md5-96''.
288 Match Introduces a conditional block. If all of the criteria on the
289 Match line are satisfied, the keywords on the following lines
290 override those set in the global section of the config file, un-
291 til either another Match line or the end of the file. The argu-
292 ments to Match are one or more criteria-pattern pairs. The
293 available criteria are User, Group, Host, and Address. Only a
294 subset of keywords may be used on the lines following a Match
295 keyword. Available keywords are AllowTcpForwarding,
296 ForceCommand, GatewayPorts, PermitOpen, X11DisplayOffset,
297 X11Forwarding, and X11UseLocalHost.
300 Specifies the maximum number of authentication attempts permitted
301 per connection. Once the number of failures reaches half this
302 value, additional failures are logged. The default is 6.
305 Specifies the maximum number of concurrent unauthenticated con-
306 nections to the SSH daemon. Additional connections will be
307 dropped until authentication succeeds or the LoginGraceTime ex-
308 pires for a connection. The default is 10.
310 Alternatively, random early drop can be enabled by specifying the
311 three colon separated values ``start:rate:full'' (e.g.
312 "10:30:60"). sshd(8) will refuse connection attempts with a
313 probability of ``rate/100'' (30%) if there are currently
314 ``start'' (10) unauthenticated connections. The probability in-
315 creases linearly and all connection attempts are refused if the
316 number of unauthenticated connections reaches ``full'' (60).
318 PasswordAuthentication
319 Specifies whether password authentication is allowed. The de-
323 When password authentication is allowed, it specifies whether the
324 server allows login to accounts with empty password strings. The
328 Specifies the destinations to which TCP port forwarding is per-
329 mitted. The forwarding specification must be one of the follow-
333 PermitOpen IPv4_addr:port
334 PermitOpen [IPv6_addr]:port
336 Multiple forwards may be specified by separating them with
337 whitespace. An argument of ``any'' can be used to remove all re-
338 strictions and permit any forwarding requests. By default all
339 port forwarding requests are permitted.
342 Specifies whether root can log in using ssh(1). The argument
343 must be ``yes'', ``without-password'', ``forced-commands-only'',
344 or ``no''. The default is ``yes''.
346 If this option is set to ``without-password'', password authenti-
347 cation is disabled for root.
349 If this option is set to ``forced-commands-only'', root login
350 with public key authentication will be allowed, but only if the
351 command option has been specified (which may be useful for taking
352 remote backups even if root login is normally not allowed). All
353 other authentication methods are disabled for root.
355 If this option is set to ``no'', root is not allowed to log in.
358 Specifies whether tun(4) device forwarding is allowed. The argu-
359 ment must be ``yes'', ``point-to-point'' (layer 3), ``ethernet''
360 (layer 2), or ``no''. Specifying ``yes'' permits both ``point-
361 to-point'' and ``ethernet''. The default is ``no''.
363 PermitUserEnvironment
364 Specifies whether ~/.ssh/environment and environment= options in
365 ~/.ssh/authorized_keys are processed by sshd(8). The default is
366 ``no''. Enabling environment processing may enable users to by-
367 pass access restrictions in some configurations using mechanisms
371 Specifies the file that contains the process ID of the SSH dae-
372 mon. The default is /var/run/sshd.pid.
374 Port Specifies the port number that sshd(8) listens on. The default
375 is 22. Multiple options of this type are permitted. See also
379 Specifies whether sshd(8) should print the date and time of the
380 last user login when a user logs in interactively. The default
384 Specifies whether sshd(8) should print /etc/motd when a user logs
385 in interactively. (On some systems it is also printed by the
386 shell, /etc/profile, or equivalent.) The default is ``yes''.
389 Specifies the protocol versions sshd(8) supports. The possible
390 values are `1' and `2'. Multiple versions must be comma-separat-
391 ed. The default is ``2,1''. Note that the order of the protocol
392 list does not indicate preference, because the client selects
393 among multiple protocol versions offered by the server. Specify-
394 ing ``2,1'' is identical to ``1,2''.
397 Specifies whether public key authentication is allowed. The de-
398 fault is ``yes''. Note that this option applies to protocol ver-
401 RhostsRSAAuthentication
402 Specifies whether rhosts or /etc/hosts.equiv authentication to-
403 gether with successful RSA host authentication is allowed. The
404 default is ``no''. This option applies to protocol version 1 on-
408 Specifies whether pure RSA authentication is allowed. The de-
409 fault is ``yes''. This option applies to protocol version 1 on-
413 Defines the number of bits in the ephemeral protocol version 1
414 server key. The minimum value is 512, and the default is 768.
417 Specifies whether sshd(8) should check file modes and ownership
418 of the user's files and home directory before accepting login.
419 This is normally desirable because novices sometimes accidentally
420 leave their directory or files world-writable. The default is
424 Configures an external subsystem (e.g. file transfer daemon).
425 Arguments should be a subsystem name and a command (with optional
426 arguments) to execute upon subsystem request. The command
427 sftp-server(8) implements the ``sftp'' file transfer subsystem.
428 By default no subsystems are defined. Note that this option ap-
429 plies to protocol version 2 only.
432 Gives the facility code that is used when logging messages from
433 sshd(8). The possible values are: DAEMON, USER, AUTH, LOCAL0,
434 LOCAL1, LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7. The de-
438 Specifies whether the system should send TCP keepalive messages
439 to the other side. If they are sent, death of the connection or
440 crash of one of the machines will be properly noticed. However,
441 this means that connections will die if the route is down tem-
442 porarily, and some people find it annoying. On the other hand,
443 if TCP keepalives are not sent, sessions may hang indefinitely on
444 the server, leaving ``ghost'' users and consuming server re-
447 The default is ``yes'' (to send TCP keepalive messages), and the
448 server will notice if the network goes down or the client host
449 crashes. This avoids infinitely hanging sessions.
451 To disable TCP keepalive messages, the value should be set to
454 UseDNS Specifies whether sshd(8) should look up the remote host name and
455 check that the resolved host name for the remote IP address maps
456 back to the very same IP address. The default is ``yes''.
459 Specifies whether login(1) is used for interactive login ses-
460 sions. The default is ``no''. Note that login(1) is never used
461 for remote command execution. Note also, that if this is en-
462 abled, X11Forwarding will be disabled because login(1) does not
463 know how to handle xauth(1) cookies. If UsePrivilegeSeparation
464 is specified, it will be disabled after authentication.
466 UsePAM Enables the Pluggable Authentication Module interface. If set to
467 ``yes'' this will enable PAM authentication using
468 ChallengeResponseAuthentication and PasswordAuthentication in ad-
469 dition to PAM account and session module processing for all au-
472 Because PAM challenge-response authentication usually serves an
473 equivalent role to password authentication, you should disable
474 either PasswordAuthentication or ChallengeResponseAuthentication.
476 If UsePAM is enabled, you will not be able to run sshd(8) as a
477 non-root user. The default is ``no''.
479 UsePrivilegeSeparation
480 Specifies whether sshd(8) separates privileges by creating an un-
481 privileged child process to deal with incoming network traffic.
482 After successful authentication, another process will be created
483 that has the privilege of the authenticated user. The goal of
484 privilege separation is to prevent privilege escalation by con-
485 taining any corruption within the unprivileged processes. The
489 Specifies the first display number available for sshd(8)'s X11
490 forwarding. This prevents sshd from interfering with real X11
491 servers. The default is 10.
494 Specifies whether X11 forwarding is permitted. The argument must
495 be ``yes'' or ``no''. The default is ``no''.
497 When X11 forwarding is enabled, there may be additional exposure
498 to the server and to client displays if the sshd(8) proxy display
499 is configured to listen on the wildcard address (see
500 X11UseLocalhost below), though this is not the default. Addi-
501 tionally, the authentication spoofing and authentication data
502 verification and substitution occur on the client side. The se-
503 curity risk of using X11 forwarding is that the client's X11 dis-
504 play server may be exposed to attack when the SSH client requests
505 forwarding (see the warnings for ForwardX11 in ssh_config(5)). A
506 system administrator may have a stance in which they want to pro-
507 tect clients that may expose themselves to attack by unwittingly
508 requesting X11 forwarding, which can warrant a ``no'' setting.
510 Note that disabling X11 forwarding does not prevent users from
511 forwarding X11 traffic, as users can always install their own
512 forwarders. X11 forwarding is automatically disabled if UseLogin
516 Specifies whether sshd(8) should bind the X11 forwarding server
517 to the loopback address or to the wildcard address. By default,
518 sshd binds the forwarding server to the loopback address and sets
519 the hostname part of the DISPLAY environment variable to
520 ``localhost''. This prevents remote hosts from connecting to the
521 proxy display. However, some older X11 clients may not function
522 with this configuration. X11UseLocalhost may be set to ``no'' to
523 specify that the forwarding server should be bound to the wild-
524 card address. The argument must be ``yes'' or ``no''. The de-
528 Specifies the full pathname of the xauth(1) program. The default
529 is /usr/X11R6/bin/xauth.
532 sshd(8) command-line arguments and configuration file options that speci-
533 fy time may be expressed using a sequence of the form: time[qualifier],
534 where time is a positive integer value and qualifier is one of the fol-
544 Each member of the sequence is added together to calculate the total time
547 Time format examples:
549 600 600 seconds (10 minutes)
551 1h30m 1 hour 30 minutes (90 minutes)
555 Contains configuration data for sshd(8). This file should be
556 writable by root only, but it is recommended (though not neces-
557 sary) that it be world-readable.
563 OpenSSH is a derivative of the original and free ssh 1.2.12 release by
564 Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo
565 de Raadt and Dug Song removed many bugs, re-added newer features and cre-
566 ated OpenSSH. Markus Friedl contributed the support for SSH protocol
567 versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support
568 for privilege separation.
570 OpenBSD 4.0 September 25, 1999 9
andersk / gssapi-openssh.git / blob