]>
Commit | Line | Data |
---|---|---|
c8445989 | 1 | # $OpenBSD: sshd_config,v 1.39 2001/05/20 17:20:36 markus Exp $ |
23c2a7a5 | 2 | |
b2d818e6 | 3 | # This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin |
4 | ||
61e96248 | 5 | # This is the sshd server system-wide configuration file. See sshd(8) |
6 | # for more information. | |
8efc0c15 | 7 | |
8 | Port 22 | |
d6f24e45 | 9 | #Protocol 2,1 |
adc83ebf | 10 | #ListenAddress 0.0.0.0 |
48e671d5 | 11 | #ListenAddress :: |
5f4fdfae | 12 | HostKey /etc/ssh_host_key |
e2fccec3 | 13 | HostKey /etc/ssh_host_rsa_key |
582038fb | 14 | HostKey /etc/ssh_host_dsa_key |
8efc0c15 | 15 | ServerKeyBits 768 |
16 | LoginGraceTime 600 | |
17 | KeyRegenerationInterval 3600 | |
18 | PermitRootLogin yes | |
5f4fdfae | 19 | # |
20 | # Don't read ~/.rhosts and ~/.shosts files | |
21 | IgnoreRhosts yes | |
22 | # Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication | |
23 | #IgnoreUserKnownHosts yes | |
8efc0c15 | 24 | StrictModes yes |
b4748e2f | 25 | X11Forwarding no |
8efc0c15 | 26 | X11DisplayOffset 10 |
8efc0c15 | 27 | PrintMotd yes |
4f4648f9 | 28 | #PrintLastLog no |
8efc0c15 | 29 | KeepAlive yes |
dd092f97 | 30 | |
5f4fdfae | 31 | # Logging |
adc83ebf | 32 | SyslogFacility AUTH |
dd092f97 | 33 | LogLevel INFO |
5f4fdfae | 34 | #obsoletes QuietMode and FascistLogging |
272b7f60 | 35 | |
dd092f97 | 36 | RhostsAuthentication no |
b4748e2f | 37 | # |
5f4fdfae | 38 | # For this to work you will also need host keys in /etc/ssh_known_hosts |
39 | RhostsRSAAuthentication no | |
8002af61 | 40 | # similar for protocol version 2 |
41 | HostbasedAuthentication no | |
b4748e2f | 42 | # |
8efc0c15 | 43 | RSAAuthentication yes |
c8445989 | 44 | PubkeyAuthentication yes |
45 | #AuthorizedKeysFile %h/.ssh/authorized_keys | |
46 | #AuthorizedKeysFile2 %h/.ssh/authorized_keys2 | |
8efc0c15 | 47 | |
48 | # To disable tunneled clear text passwords, change to no here! | |
49 | PasswordAuthentication yes | |
50 | PermitEmptyPasswords no | |
61e96248 | 51 | |
10f72868 | 52 | # Uncomment to disable s/key passwords |
53 | #ChallengeResponseAuthentication no | |
54 | ||
55 | # Uncomment to enable PAM keyboard-interactive authentication | |
56 | # Warning: enabling this may bypass the setting of 'PasswordAuthentication' | |
57 | #PAMAuthenticationViaKbdInt yes | |
8efc0c15 | 58 | |
5f4fdfae | 59 | # To change Kerberos options |
8efc0c15 | 60 | #KerberosAuthentication no |
61 | #KerberosOrLocalPasswd yes | |
62 | #AFSTokenPassing no | |
63 | #KerberosTicketCleanup no | |
5f4fdfae | 64 | |
8efc0c15 | 65 | # Kerberos TGT Passing does only work with the AFS kaserver |
66 | #KerberosTgtPassing yes | |
5f4fdfae | 67 | |
adc83ebf | 68 | #CheckMail yes |
10fa00c8 | 69 | #UseLogin no |
38c295d6 | 70 | |
c345cf9d | 71 | #MaxStartups 10:30:60 |
eea39c02 | 72 | #Banner /etc/issue.net |
61e96248 | 73 | #ReverseMappingCheck yes |
7bbcc167 | 74 | |
75 | Subsystem sftp /usr/libexec/sftp-server |