[openssh.git] / sshd_config

#	$OpenBSD: sshd_config,v 1.27 2001/01/29 01:58:19 niklas Exp $

# This is ssh server systemwide configuration file.

Port 22
#Protocol 2,1
#ListenAddress 0.0.0.0
#ListenAddress ::
HostKey /etc/ssh_host_key
HostKey /etc/ssh_host_dsa_key
#HostKey /etc/ssh_host_rsa_key
ServerKeyBits 768
LoginGraceTime 600
KeyRegenerationInterval 3600
PermitRootLogin yes
#
# Don't read ~/.rhosts and ~/.shosts files
IgnoreRhosts yes
# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
#IgnoreUserKnownHosts yes
StrictModes yes
X11Forwarding no
X11DisplayOffset 10
PrintMotd yes
KeepAlive yes

# Logging
SyslogFacility AUTH
LogLevel INFO
#obsoletes QuietMode and FascistLogging

RhostsAuthentication no
#
# For this to work you will also need host keys in /etc/ssh_known_hosts
RhostsRSAAuthentication no
#
RSAAuthentication yes

# To disable tunneled clear text passwords, change to no here!
PasswordAuthentication yes
PermitEmptyPasswords no
# Uncomment to disable s/key passwords 
#SkeyAuthentication no
#KbdInteractiveAuthentication yes

# To change Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#AFSTokenPassing no
#KerberosTicketCleanup no

# Kerberos TGT Passing does only work with the AFS kaserver
#KerberosTgtPassing yes

#CheckMail yes
#UseLogin no

# Uncomment if you want to enable sftp
#Subsystem	sftp	/usr/libexec/sftp-server
#MaxStartups 10:30:60
#Banner /etc/issue.net
Commit	Line	Data
23c2a7a5	1	# $OpenBSD: sshd_config,v 1.27 2001/01/29 01:58:19 niklas Exp $
23c2a7a5	2
8efc0c15	3	# This is ssh server systemwide configuration file.
	4
	5	Port 22
d6f24e45	6	#Protocol 2,1
adc83ebf	7	#ListenAddress 0.0.0.0
48e671d5	8	#ListenAddress ::
5f4fdfae	9	HostKey /etc/ssh_host_key
fa08c86b	10	HostKey /etc/ssh_host_dsa_key
adc83ebf	11	#HostKey /etc/ssh_host_rsa_key
8efc0c15	12	ServerKeyBits 768
	13	LoginGraceTime 600
	14	KeyRegenerationInterval 3600
	15	PermitRootLogin yes
5f4fdfae	16	#
	17	# Don't read ~/.rhosts and ~/.shosts files
	18	IgnoreRhosts yes
	19	# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
	20	#IgnoreUserKnownHosts yes
8efc0c15	21	StrictModes yes
b4748e2f	22	X11Forwarding no
8efc0c15	23	X11DisplayOffset 10
8efc0c15	24	PrintMotd yes
8efc0c15	25	KeepAlive yes
dd092f97	26
5f4fdfae	27	# Logging
adc83ebf	28	SyslogFacility AUTH
dd092f97	29	LogLevel INFO
5f4fdfae	30	#obsoletes QuietMode and FascistLogging
272b7f60	31
dd092f97	32	RhostsAuthentication no
b4748e2f	33	#
5f4fdfae	34	# For this to work you will also need host keys in /etc/ssh_known_hosts
5f4fdfae	35	RhostsRSAAuthentication no
b4748e2f	36	#
8efc0c15	37	RSAAuthentication yes
	38
	39	# To disable tunneled clear text passwords, change to no here!
	40	PasswordAuthentication yes
	41	PermitEmptyPasswords no
5f4fdfae	42	# Uncomment to disable s/key passwords
8efc0c15	43	#SkeyAuthentication no
94ec8c6b	44	#KbdInteractiveAuthentication yes
8efc0c15	45
5f4fdfae	46	# To change Kerberos options
8efc0c15	47	#KerberosAuthentication no
	48	#KerberosOrLocalPasswd yes
	49	#AFSTokenPassing no
	50	#KerberosTicketCleanup no
5f4fdfae	51
8efc0c15	52	# Kerberos TGT Passing does only work with the AFS kaserver
8efc0c15	53	#KerberosTgtPassing yes
5f4fdfae	54
adc83ebf	55	#CheckMail yes
10fa00c8	56	#UseLogin no
38c295d6	57
b5e300c2	58	# Uncomment if you want to enable sftp
b5e300c2	59	#Subsystem sftp /usr/libexec/sftp-server
c345cf9d	60	#MaxStartups 10:30:60
eea39c02	61	#Banner /etc/issue.net