]>
Commit | Line | Data |
---|---|---|
8efc0c15 | 1 | # This is ssh server systemwide configuration file. |
2 | ||
3 | Port 22 | |
4 | ListenAddress 0.0.0.0 | |
f1bcacf9 | 5 | HostKey /etc/ssh/ssh_host_key |
8efc0c15 | 6 | ServerKeyBits 768 |
7 | LoginGraceTime 600 | |
8 | KeyRegenerationInterval 3600 | |
9 | PermitRootLogin yes | |
272b7f60 | 10 | |
11 | # | |
12 | # Loglevel replaces QuietMode and FascistLogging | |
13 | # | |
b4748e2f | 14 | SyslogFacility AUTH |
272b7f60 | 15 | LogLevel INFO |
16 | ||
8efc0c15 | 17 | # |
18 | # Don't read ~/.rhosts and ~/.shosts files | |
8efc0c15 | 19 | StrictModes yes |
b4748e2f | 20 | X11Forwarding no |
8efc0c15 | 21 | X11DisplayOffset 10 |
22 | FascistLogging no | |
23 | PrintMotd yes | |
24 | KeepAlive yes | |
272b7f60 | 25 | CheckMail no |
26 | UseLogin no | |
8efc0c15 | 27 | SyslogFacility AUTH |
28 | RhostsAuthentication no | |
272b7f60 | 29 | |
8efc0c15 | 30 | # |
f1bcacf9 | 31 | # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts |
8efc0c15 | 32 | # |
272b7f60 | 33 | RhostsRSAAuthentication no |
34 | ||
b4748e2f | 35 | # |
36 | # Don't read ~/.rhosts and ~/.shosts files | |
37 | # | |
38 | IgnoreRhosts yes | |
39 | ||
40 | # | |
41 | # Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication | |
42 | # | |
43 | #IgnoreUserKnownHosts yes | |
44 | ||
8efc0c15 | 45 | RSAAuthentication yes |
46 | ||
47 | # To disable tunneled clear text passwords, change to no here! | |
48 | PasswordAuthentication yes | |
49 | PermitEmptyPasswords no | |
272b7f60 | 50 | |
51 | # | |
52 | # Uncomment to disable s/key passwords (must be compiled with s/key support) | |
53 | # | |
8efc0c15 | 54 | #SkeyAuthentication no |
55 | ||
272b7f60 | 56 | # |
57 | # To change Kerberos options (must be compiled with Kerberos support) | |
58 | # | |
8efc0c15 | 59 | #KerberosAuthentication no |
60 | #KerberosOrLocalPasswd yes | |
61 | #AFSTokenPassing no | |
62 | #KerberosTicketCleanup no | |
8efc0c15 | 63 | # Kerberos TGT Passing does only work with the AFS kaserver |
64 | #KerberosTgtPassing yes |