1 # $OpenBSD: sshd_config,v 1.40 2001/05/31 13:08:04 markus Exp $
3 # This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
5 # This is the sshd server system-wide configuration file. See sshd(8)
6 # for more information.
10 #ListenAddress 0.0.0.0
13 # HostKey for protocol version 1
14 HostKey /etc/ssh_host_key
15 # HostKeys for protocol version 2
16 HostKey /etc/ssh_host_rsa_key
17 HostKey /etc/ssh_host_dsa_key
19 # Lifetime and size of ephemeral version 1 server key
20 KeyRegenerationInterval 3600
26 #obsoletes QuietMode and FascistLogging
35 PubkeyAuthentication yes
36 #AuthorizedKeysFile %h/.ssh/authorized_keys
37 #AuthorizedKeysFile2 %h/.ssh/authorized_keys2
39 # rhosts authentication should not be used
40 RhostsAuthentication no
41 # Don't read the user's ~/.rhosts and ~/.shosts files
43 # For this to work you will also need host keys in /etc/ssh_known_hosts
44 RhostsRSAAuthentication no
45 # similar for protocol version 2
46 HostbasedAuthentication no
47 # Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
48 #IgnoreUserKnownHosts yes
50 # To disable tunneled clear text passwords, change to no here!
51 PasswordAuthentication yes
52 PermitEmptyPasswords no
54 # Uncomment to disable s/key passwords
55 #ChallengeResponseAuthentication no
57 # Uncomment to enable PAM keyboard-interactive authentication
58 # Warning: enabling this may bypass the setting of 'PasswordAuthentication'
59 #PAMAuthenticationViaKbdInt yes
61 # To change Kerberos options
62 #KerberosAuthentication no
63 #KerberosOrLocalPasswd yes
65 #KerberosTicketCleanup no
67 # Kerberos TGT Passing does only work with the AFS kaserver
68 #KerberosTgtPassing yes
79 #Banner /etc/issue.net
80 #ReverseMappingCheck yes
82 Subsystem sftp /usr/libexec/sftp-server