[openssh.git] / sshd_config

# This is ssh server systemwide configuration file.

Port 22
ListenAddress 0.0.0.0
HostKey /etc/ssh/ssh_host_key
ServerKeyBits 768
LoginGraceTime 600
KeyRegenerationInterval 3600
PermitRootLogin yes

#
# Loglevel replaces QuietMode and FascistLogging
#
SyslogFacility AUTH
LogLevel INFO

#
# Don't read ~/.rhosts and ~/.shosts files
StrictModes yes
X11Forwarding no
X11DisplayOffset 10
FascistLogging no
PrintMotd yes
KeepAlive yes
CheckMail no
UseLogin no
SyslogFacility AUTH
RhostsAuthentication no

#
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#
RhostsRSAAuthentication no

#
# Don't read ~/.rhosts and ~/.shosts files
#
IgnoreRhosts yes

#
# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
#
#IgnoreUserKnownHosts yes

RSAAuthentication yes

# To disable tunneled clear text passwords, change to no here!
PasswordAuthentication yes
PermitEmptyPasswords no

#
# Uncomment to disable s/key passwords (must be compiled with s/key support)
#
#SkeyAuthentication no

#
# To change Kerberos options (must be compiled with Kerberos support)
#
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#AFSTokenPassing no
#KerberosTicketCleanup no
# Kerberos TGT Passing does only work with the AFS kaserver
#KerberosTgtPassing yes
Commit	Line	Data
8efc0c15	1	# This is ssh server systemwide configuration file.
	2
	3	Port 22
	4	ListenAddress 0.0.0.0
f1bcacf9	5	HostKey /etc/ssh/ssh_host_key
8efc0c15	6	ServerKeyBits 768
	7	LoginGraceTime 600
	8	KeyRegenerationInterval 3600
	9	PermitRootLogin yes
272b7f60	10
	11	#
	12	# Loglevel replaces QuietMode and FascistLogging
	13	#
b4748e2f	14	SyslogFacility AUTH
272b7f60	15	LogLevel INFO
272b7f60	16
8efc0c15	17	#
8efc0c15	18	# Don't read ~/.rhosts and ~/.shosts files
8efc0c15	19	StrictModes yes
b4748e2f	20	X11Forwarding no
8efc0c15	21	X11DisplayOffset 10
	22	FascistLogging no
	23	PrintMotd yes
	24	KeepAlive yes
272b7f60	25	CheckMail no
272b7f60	26	UseLogin no
8efc0c15	27	SyslogFacility AUTH
8efc0c15	28	RhostsAuthentication no
272b7f60	29
8efc0c15	30	#
f1bcacf9	31	# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
8efc0c15	32	#
272b7f60	33	RhostsRSAAuthentication no
272b7f60	34
b4748e2f	35	#
	36	# Don't read ~/.rhosts and ~/.shosts files
	37	#
	38	IgnoreRhosts yes
	39
	40	#
	41	# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
	42	#
	43	#IgnoreUserKnownHosts yes
	44
8efc0c15	45	RSAAuthentication yes
	46
	47	# To disable tunneled clear text passwords, change to no here!
	48	PasswordAuthentication yes
	49	PermitEmptyPasswords no
272b7f60	50
	51	#
	52	# Uncomment to disable s/key passwords (must be compiled with s/key support)
	53	#
8efc0c15	54	#SkeyAuthentication no
8efc0c15	55
272b7f60	56	#
	57	# To change Kerberos options (must be compiled with Kerberos support)
	58	#
8efc0c15	59	#KerberosAuthentication no
	60	#KerberosOrLocalPasswd yes
	61	#AFSTokenPassing no
	62	#KerberosTicketCleanup no
8efc0c15	63	# Kerberos TGT Passing does only work with the AFS kaserver
8efc0c15	64	#KerberosTgtPassing yes