]>
Commit | Line | Data |
---|---|---|
23c2a7a5 | 1 | # $OpenBSD: sshd_config,v 1.27 2001/01/29 01:58:19 niklas Exp $ |
2 | ||
8efc0c15 | 3 | # This is ssh server systemwide configuration file. |
4 | ||
5 | Port 22 | |
d6f24e45 | 6 | #Protocol 2,1 |
adc83ebf | 7 | #ListenAddress 0.0.0.0 |
48e671d5 | 8 | #ListenAddress :: |
5f4fdfae | 9 | HostKey /etc/ssh_host_key |
fa08c86b | 10 | HostKey /etc/ssh_host_dsa_key |
adc83ebf | 11 | #HostKey /etc/ssh_host_rsa_key |
8efc0c15 | 12 | ServerKeyBits 768 |
13 | LoginGraceTime 600 | |
14 | KeyRegenerationInterval 3600 | |
15 | PermitRootLogin yes | |
5f4fdfae | 16 | # |
17 | # Don't read ~/.rhosts and ~/.shosts files | |
18 | IgnoreRhosts yes | |
19 | # Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication | |
20 | #IgnoreUserKnownHosts yes | |
8efc0c15 | 21 | StrictModes yes |
b4748e2f | 22 | X11Forwarding no |
8efc0c15 | 23 | X11DisplayOffset 10 |
8efc0c15 | 24 | PrintMotd yes |
25 | KeepAlive yes | |
dd092f97 | 26 | |
5f4fdfae | 27 | # Logging |
adc83ebf | 28 | SyslogFacility AUTH |
dd092f97 | 29 | LogLevel INFO |
5f4fdfae | 30 | #obsoletes QuietMode and FascistLogging |
272b7f60 | 31 | |
dd092f97 | 32 | RhostsAuthentication no |
b4748e2f | 33 | # |
5f4fdfae | 34 | # For this to work you will also need host keys in /etc/ssh_known_hosts |
35 | RhostsRSAAuthentication no | |
b4748e2f | 36 | # |
8efc0c15 | 37 | RSAAuthentication yes |
38 | ||
39 | # To disable tunneled clear text passwords, change to no here! | |
40 | PasswordAuthentication yes | |
41 | PermitEmptyPasswords no | |
5f4fdfae | 42 | # Uncomment to disable s/key passwords |
8efc0c15 | 43 | #SkeyAuthentication no |
94ec8c6b | 44 | #KbdInteractiveAuthentication yes |
8efc0c15 | 45 | |
5f4fdfae | 46 | # To change Kerberos options |
8efc0c15 | 47 | #KerberosAuthentication no |
48 | #KerberosOrLocalPasswd yes | |
49 | #AFSTokenPassing no | |
50 | #KerberosTicketCleanup no | |
5f4fdfae | 51 | |
8efc0c15 | 52 | # Kerberos TGT Passing does only work with the AFS kaserver |
53 | #KerberosTgtPassing yes | |
5f4fdfae | 54 | |
adc83ebf | 55 | #CheckMail yes |
10fa00c8 | 56 | #UseLogin no |
38c295d6 | 57 | |
b5e300c2 | 58 | # Uncomment if you want to enable sftp |
59 | #Subsystem sftp /usr/libexec/sftp-server | |
c345cf9d | 60 | #MaxStartups 10:30:60 |
eea39c02 | 61 | #Banner /etc/issue.net |