]>
Commit | Line | Data |
---|---|---|
1 | # This is ssh server systemwide configuration file. | |
2 | ||
3 | Port 22 | |
4 | ListenAddress 0.0.0.0 | |
5 | HostKey /etc/ssh/ssh_host_key | |
6 | ServerKeyBits 768 | |
7 | LoginGraceTime 600 | |
8 | KeyRegenerationInterval 3600 | |
9 | PermitRootLogin yes | |
10 | ||
11 | # | |
12 | # Loglevel replaces QuietMode and FascistLogging | |
13 | # | |
14 | SyslogFacility AUTH | |
15 | LogLevel INFO | |
16 | ||
17 | # | |
18 | # Don't read ~/.rhosts and ~/.shosts files | |
19 | StrictModes yes | |
20 | X11Forwarding no | |
21 | X11DisplayOffset 10 | |
22 | PrintMotd yes | |
23 | KeepAlive yes | |
24 | CheckMail no | |
25 | UseLogin no | |
26 | SyslogFacility AUTH | |
27 | RhostsAuthentication no | |
28 | ||
29 | # | |
30 | # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts | |
31 | # | |
32 | RhostsRSAAuthentication no | |
33 | ||
34 | # | |
35 | # Don't read ~/.rhosts and ~/.shosts files | |
36 | # | |
37 | IgnoreRhosts yes | |
38 | ||
39 | # | |
40 | # Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication | |
41 | # | |
42 | #IgnoreUserKnownHosts yes | |
43 | ||
44 | RSAAuthentication yes | |
45 | ||
46 | # To disable tunneled clear text passwords, change to no here! | |
47 | PasswordAuthentication yes | |
48 | PermitEmptyPasswords no | |
49 | ||
50 | # | |
51 | # Uncomment to disable s/key passwords (must be compiled with s/key support) | |
52 | # | |
53 | #SkeyAuthentication no | |
54 | ||
55 | # | |
56 | # To change Kerberos options (must be compiled with Kerberos support) | |
57 | # | |
58 | #KerberosAuthentication no | |
59 | #KerberosOrLocalPasswd yes | |
60 | #AFSTokenPassing no | |
61 | #KerberosTicketCleanup no | |
62 | # Kerberos TGT Passing does only work with the AFS kaserver | |
63 | #KerberosTgtPassing yes |