[openssh.git] / sshd_config

# This is ssh server systemwide configuration file.

Port 22
ListenAddress 0.0.0.0
HostKey /etc/ssh/ssh_host_key
ServerKeyBits 768
LoginGraceTime 600
KeyRegenerationInterval 3600
PermitRootLogin yes

#
# Loglevel replaces QuietMode and FascistLogging
#
SyslogFacility AUTH
LogLevel INFO

#
# Don't read ~/.rhosts and ~/.shosts files
StrictModes yes
X11Forwarding no
X11DisplayOffset 10
PrintMotd yes
KeepAlive yes
CheckMail no
UseLogin no
SyslogFacility AUTH
RhostsAuthentication no

#
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#
RhostsRSAAuthentication no

#
# Don't read ~/.rhosts and ~/.shosts files
#
IgnoreRhosts yes

#
# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
#
#IgnoreUserKnownHosts yes

RSAAuthentication yes

# To disable tunneled clear text passwords, change to no here!
PasswordAuthentication yes
PermitEmptyPasswords no

#
# Uncomment to disable s/key passwords (must be compiled with s/key support)
#
#SkeyAuthentication no

#
# To change Kerberos options (must be compiled with Kerberos support)
#
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#AFSTokenPassing no
#KerberosTicketCleanup no
# Kerberos TGT Passing does only work with the AFS kaserver
#KerberosTgtPassing yes
Commit	Line	Data
8efc0c15	1	# This is ssh server systemwide configuration file.
	2
	3	Port 22
	4	ListenAddress 0.0.0.0
f1bcacf9	5	HostKey /etc/ssh/ssh_host_key
8efc0c15	6	ServerKeyBits 768
	7	LoginGraceTime 600
	8	KeyRegenerationInterval 3600
	9	PermitRootLogin yes
272b7f60	10
	11	#
	12	# Loglevel replaces QuietMode and FascistLogging
	13	#
b4748e2f	14	SyslogFacility AUTH
272b7f60	15	LogLevel INFO
272b7f60	16
8efc0c15	17	#
8efc0c15	18	# Don't read ~/.rhosts and ~/.shosts files
8efc0c15	19	StrictModes yes
b4748e2f	20	X11Forwarding no
8efc0c15	21	X11DisplayOffset 10
8efc0c15	22	PrintMotd yes
8efc0c15	23	KeepAlive yes
272b7f60	24	CheckMail no
272b7f60	25	UseLogin no
8efc0c15	26	SyslogFacility AUTH
8efc0c15	27	RhostsAuthentication no
272b7f60	28
8efc0c15	29	#
f1bcacf9	30	# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
8efc0c15	31	#
272b7f60	32	RhostsRSAAuthentication no
272b7f60	33
b4748e2f	34	#
	35	# Don't read ~/.rhosts and ~/.shosts files
	36	#
	37	IgnoreRhosts yes
	38
	39	#
	40	# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
	41	#
	42	#IgnoreUserKnownHosts yes
	43
8efc0c15	44	RSAAuthentication yes
	45
	46	# To disable tunneled clear text passwords, change to no here!
	47	PasswordAuthentication yes
	48	PermitEmptyPasswords no
272b7f60	49
	50	#
	51	# Uncomment to disable s/key passwords (must be compiled with s/key support)
	52	#
8efc0c15	53	#SkeyAuthentication no
8efc0c15	54
272b7f60	55	#
	56	# To change Kerberos options (must be compiled with Kerberos support)
	57	#
8efc0c15	58	#KerberosAuthentication no
	59	#KerberosOrLocalPasswd yes
	60	#AFSTokenPassing no
	61	#KerberosTicketCleanup no
8efc0c15	62	# Kerberos TGT Passing does only work with the AFS kaserver
8efc0c15	63	#KerberosTgtPassing yes