]>
Commit | Line | Data |
---|---|---|
8efc0c15 | 1 | # This is ssh server systemwide configuration file. |
2 | ||
3 | Port 22 | |
4 | ListenAddress 0.0.0.0 | |
f1bcacf9 | 5 | HostKey /etc/ssh/ssh_host_key |
8efc0c15 | 6 | ServerKeyBits 768 |
7 | LoginGraceTime 600 | |
8 | KeyRegenerationInterval 3600 | |
9 | PermitRootLogin yes | |
272b7f60 | 10 | |
11 | # | |
12 | # Loglevel replaces QuietMode and FascistLogging | |
13 | # | |
b4748e2f | 14 | SyslogFacility AUTH |
272b7f60 | 15 | LogLevel INFO |
16 | ||
8efc0c15 | 17 | # |
18 | # Don't read ~/.rhosts and ~/.shosts files | |
8efc0c15 | 19 | StrictModes yes |
b4748e2f | 20 | X11Forwarding no |
8efc0c15 | 21 | X11DisplayOffset 10 |
8efc0c15 | 22 | PrintMotd yes |
23 | KeepAlive yes | |
272b7f60 | 24 | CheckMail no |
25 | UseLogin no | |
8efc0c15 | 26 | SyslogFacility AUTH |
27 | RhostsAuthentication no | |
272b7f60 | 28 | |
8efc0c15 | 29 | # |
f1bcacf9 | 30 | # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts |
8efc0c15 | 31 | # |
272b7f60 | 32 | RhostsRSAAuthentication no |
33 | ||
b4748e2f | 34 | # |
35 | # Don't read ~/.rhosts and ~/.shosts files | |
36 | # | |
37 | IgnoreRhosts yes | |
38 | ||
39 | # | |
40 | # Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication | |
41 | # | |
42 | #IgnoreUserKnownHosts yes | |
43 | ||
8efc0c15 | 44 | RSAAuthentication yes |
45 | ||
46 | # To disable tunneled clear text passwords, change to no here! | |
47 | PasswordAuthentication yes | |
48 | PermitEmptyPasswords no | |
272b7f60 | 49 | |
50 | # | |
51 | # Uncomment to disable s/key passwords (must be compiled with s/key support) | |
52 | # | |
8efc0c15 | 53 | #SkeyAuthentication no |
54 | ||
272b7f60 | 55 | # |
56 | # To change Kerberos options (must be compiled with Kerberos support) | |
57 | # | |
8efc0c15 | 58 | #KerberosAuthentication no |
59 | #KerberosOrLocalPasswd yes | |
60 | #AFSTokenPassing no | |
61 | #KerberosTicketCleanup no | |
8efc0c15 | 62 | # Kerberos TGT Passing does only work with the AFS kaserver |
63 | #KerberosTgtPassing yes |