]>
Commit | Line | Data |
---|---|---|
8efc0c15 | 1 | # This is ssh server systemwide configuration file. |
2 | ||
3 | Port 22 | |
d6f24e45 | 4 | #Protocol 2,1 |
8efc0c15 | 5 | ListenAddress 0.0.0.0 |
48e671d5 | 6 | #ListenAddress :: |
5f4fdfae | 7 | HostKey /etc/ssh_host_key |
fa08c86b | 8 | HostKey /etc/ssh_host_rsa_key |
9 | HostKey /etc/ssh_host_dsa_key | |
8efc0c15 | 10 | ServerKeyBits 768 |
11 | LoginGraceTime 600 | |
12 | KeyRegenerationInterval 3600 | |
13 | PermitRootLogin yes | |
5f4fdfae | 14 | # |
15 | # Don't read ~/.rhosts and ~/.shosts files | |
16 | IgnoreRhosts yes | |
17 | # Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication | |
18 | #IgnoreUserKnownHosts yes | |
8efc0c15 | 19 | StrictModes yes |
b4748e2f | 20 | X11Forwarding no |
8efc0c15 | 21 | X11DisplayOffset 10 |
8efc0c15 | 22 | PrintMotd yes |
23 | KeepAlive yes | |
dd092f97 | 24 | |
5f4fdfae | 25 | # Logging |
57ce3f00 | 26 | SyslogFacility AUTHPRIV |
dd092f97 | 27 | LogLevel INFO |
5f4fdfae | 28 | #obsoletes QuietMode and FascistLogging |
272b7f60 | 29 | |
dd092f97 | 30 | RhostsAuthentication no |
b4748e2f | 31 | # |
5f4fdfae | 32 | # For this to work you will also need host keys in /etc/ssh_known_hosts |
33 | RhostsRSAAuthentication no | |
b4748e2f | 34 | # |
8efc0c15 | 35 | RSAAuthentication yes |
36 | ||
37 | # To disable tunneled clear text passwords, change to no here! | |
38 | PasswordAuthentication yes | |
39 | PermitEmptyPasswords no | |
5f4fdfae | 40 | # Uncomment to disable s/key passwords |
8efc0c15 | 41 | #SkeyAuthentication no |
94ec8c6b | 42 | #KbdInteractiveAuthentication yes |
8efc0c15 | 43 | |
5f4fdfae | 44 | # To change Kerberos options |
8efc0c15 | 45 | #KerberosAuthentication no |
46 | #KerberosOrLocalPasswd yes | |
47 | #AFSTokenPassing no | |
48 | #KerberosTicketCleanup no | |
5f4fdfae | 49 | |
8efc0c15 | 50 | # Kerberos TGT Passing does only work with the AFS kaserver |
51 | #KerberosTgtPassing yes | |
5f4fdfae | 52 | |
53 | CheckMail no | |
10fa00c8 | 54 | #UseLogin no |
38c295d6 | 55 | |
b5e300c2 | 56 | # Uncomment if you want to enable sftp |
57 | #Subsystem sftp /usr/libexec/sftp-server | |
c345cf9d | 58 | #MaxStartups 10:30:60 |
eea39c02 | 59 | #Banner /etc/issue.net |