[openssh.git] / sshd_config

# This is ssh server systemwide configuration file.

Port 22
#Protocol 2,1
ListenAddress 0.0.0.0
#ListenAddress ::
HostKey /etc/ssh_host_key
HostKey /etc/ssh_host_rsa_key
HostKey /etc/ssh_host_dsa_key
ServerKeyBits 768
LoginGraceTime 600
KeyRegenerationInterval 3600
PermitRootLogin yes
#
# Don't read ~/.rhosts and ~/.shosts files
IgnoreRhosts yes
# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
#IgnoreUserKnownHosts yes
StrictModes yes
X11Forwarding no
X11DisplayOffset 10
PrintMotd yes
KeepAlive yes

# Logging
SyslogFacility AUTHPRIV
LogLevel INFO
#obsoletes QuietMode and FascistLogging

RhostsAuthentication no
#
# For this to work you will also need host keys in /etc/ssh_known_hosts
RhostsRSAAuthentication no
#
RSAAuthentication yes

# To disable tunneled clear text passwords, change to no here!
PasswordAuthentication yes
PermitEmptyPasswords no
# Uncomment to disable s/key passwords 
#SkeyAuthentication no
#KbdInteractiveAuthentication yes

# To change Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#AFSTokenPassing no
#KerberosTicketCleanup no

# Kerberos TGT Passing does only work with the AFS kaserver
#KerberosTgtPassing yes

CheckMail no
#UseLogin no

# Uncomment if you want to enable sftp
#Subsystem	sftp	/usr/libexec/sftp-server
#MaxStartups 10:30:60
#Banner /etc/issue.net
Commit	Line	Data
8efc0c15	1	# This is ssh server systemwide configuration file.
	2
	3	Port 22
d6f24e45	4	#Protocol 2,1
8efc0c15	5	ListenAddress 0.0.0.0
48e671d5	6	#ListenAddress ::
5f4fdfae	7	HostKey /etc/ssh_host_key
fa08c86b	8	HostKey /etc/ssh_host_rsa_key
fa08c86b	9	HostKey /etc/ssh_host_dsa_key
8efc0c15	10	ServerKeyBits 768
	11	LoginGraceTime 600
	12	KeyRegenerationInterval 3600
	13	PermitRootLogin yes
5f4fdfae	14	#
	15	# Don't read ~/.rhosts and ~/.shosts files
	16	IgnoreRhosts yes
	17	# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
	18	#IgnoreUserKnownHosts yes
8efc0c15	19	StrictModes yes
b4748e2f	20	X11Forwarding no
8efc0c15	21	X11DisplayOffset 10
8efc0c15	22	PrintMotd yes
8efc0c15	23	KeepAlive yes
dd092f97	24
5f4fdfae	25	# Logging
57ce3f00	26	SyslogFacility AUTHPRIV
dd092f97	27	LogLevel INFO
5f4fdfae	28	#obsoletes QuietMode and FascistLogging
272b7f60	29
dd092f97	30	RhostsAuthentication no
b4748e2f	31	#
5f4fdfae	32	# For this to work you will also need host keys in /etc/ssh_known_hosts
5f4fdfae	33	RhostsRSAAuthentication no
b4748e2f	34	#
8efc0c15	35	RSAAuthentication yes
	36
	37	# To disable tunneled clear text passwords, change to no here!
	38	PasswordAuthentication yes
	39	PermitEmptyPasswords no
5f4fdfae	40	# Uncomment to disable s/key passwords
8efc0c15	41	#SkeyAuthentication no
94ec8c6b	42	#KbdInteractiveAuthentication yes
8efc0c15	43
5f4fdfae	44	# To change Kerberos options
8efc0c15	45	#KerberosAuthentication no
	46	#KerberosOrLocalPasswd yes
	47	#AFSTokenPassing no
	48	#KerberosTicketCleanup no
5f4fdfae	49
8efc0c15	50	# Kerberos TGT Passing does only work with the AFS kaserver
8efc0c15	51	#KerberosTgtPassing yes
5f4fdfae	52
5f4fdfae	53	CheckMail no
10fa00c8	54	#UseLogin no
38c295d6	55
b5e300c2	56	# Uncomment if you want to enable sftp
b5e300c2	57	#Subsystem sftp /usr/libexec/sftp-server
c345cf9d	58	#MaxStartups 10:30:60
eea39c02	59	#Banner /etc/issue.net