]>
Commit | Line | Data |
---|---|---|
8002af61 | 1 | # $OpenBSD: sshd_config,v 1.36 2001/04/12 19:15:26 markus Exp $ |
23c2a7a5 | 2 | |
b2d818e6 | 3 | # This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin |
4 | ||
61e96248 | 5 | # This is the sshd server system-wide configuration file. See sshd(8) |
6 | # for more information. | |
8efc0c15 | 7 | |
8 | Port 22 | |
d6f24e45 | 9 | #Protocol 2,1 |
adc83ebf | 10 | #ListenAddress 0.0.0.0 |
48e671d5 | 11 | #ListenAddress :: |
5f4fdfae | 12 | HostKey /etc/ssh_host_key |
e2fccec3 | 13 | HostKey /etc/ssh_host_rsa_key |
582038fb | 14 | HostKey /etc/ssh_host_dsa_key |
8efc0c15 | 15 | ServerKeyBits 768 |
16 | LoginGraceTime 600 | |
17 | KeyRegenerationInterval 3600 | |
18 | PermitRootLogin yes | |
5f4fdfae | 19 | # |
20 | # Don't read ~/.rhosts and ~/.shosts files | |
21 | IgnoreRhosts yes | |
22 | # Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication | |
23 | #IgnoreUserKnownHosts yes | |
8efc0c15 | 24 | StrictModes yes |
b4748e2f | 25 | X11Forwarding no |
8efc0c15 | 26 | X11DisplayOffset 10 |
8efc0c15 | 27 | PrintMotd yes |
4f4648f9 | 28 | #PrintLastLog no |
8efc0c15 | 29 | KeepAlive yes |
dd092f97 | 30 | |
5f4fdfae | 31 | # Logging |
adc83ebf | 32 | SyslogFacility AUTH |
dd092f97 | 33 | LogLevel INFO |
5f4fdfae | 34 | #obsoletes QuietMode and FascistLogging |
272b7f60 | 35 | |
dd092f97 | 36 | RhostsAuthentication no |
b4748e2f | 37 | # |
5f4fdfae | 38 | # For this to work you will also need host keys in /etc/ssh_known_hosts |
39 | RhostsRSAAuthentication no | |
8002af61 | 40 | # similar for protocol version 2 |
41 | HostbasedAuthentication no | |
b4748e2f | 42 | # |
8efc0c15 | 43 | RSAAuthentication yes |
44 | ||
45 | # To disable tunneled clear text passwords, change to no here! | |
46 | PasswordAuthentication yes | |
47 | PermitEmptyPasswords no | |
61e96248 | 48 | |
78c8106e | 49 | # Comment to enable s/key passwords or PAM interactive authentication |
a4618c05 | 50 | # NB. Neither of these are compiled in by default. Please read the |
51 | # notes in the sshd(8) manpage before enabling this on a PAM system. | |
78c8106e | 52 | ChallengeResponseAuthentication no |
8efc0c15 | 53 | |
5f4fdfae | 54 | # To change Kerberos options |
8efc0c15 | 55 | #KerberosAuthentication no |
56 | #KerberosOrLocalPasswd yes | |
57 | #AFSTokenPassing no | |
58 | #KerberosTicketCleanup no | |
5f4fdfae | 59 | |
8efc0c15 | 60 | # Kerberos TGT Passing does only work with the AFS kaserver |
61 | #KerberosTgtPassing yes | |
5f4fdfae | 62 | |
adc83ebf | 63 | #CheckMail yes |
10fa00c8 | 64 | #UseLogin no |
38c295d6 | 65 | |
c345cf9d | 66 | #MaxStartups 10:30:60 |
eea39c02 | 67 | #Banner /etc/issue.net |
61e96248 | 68 | #ReverseMappingCheck yes |
7bbcc167 | 69 | |
70 | Subsystem sftp /usr/libexec/sftp-server |