Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / openssh / 192bd0120af04477b5b18e5f6caef162219c1c12 / . / sshd_config
blob: ee6af5f8bdb3a650e1296dd8ed34d2761c56ca84 [file] [log] [blame]
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]1# This is ssh server systemwide configuration file.
2
3Port 22
4ListenAddress 0.0.0.0
Damien Millera37010e1999-10-29 09:18:29 +1000[diff] [blame]5HostKey /etc/ssh/ssh_host_key
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]6ServerKeyBits 768
7LoginGraceTime 600
8KeyRegenerationInterval 3600
9PermitRootLogin yes
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]10StrictModes yes
Damien Miller32265091999-11-12 11:33:04 +1100[diff] [blame]11X11Forwarding no
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]12X11DisplayOffset 10
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]13PrintMotd yes
14KeepAlive yes
Damien Miller9ba30241999-11-11 21:07:00 +1100[diff] [blame]15CheckMail no
16UseLogin no
Damien Miller192bd011999-11-13 23:56:35 +1100[diff] [blame^]17
18#
19# Loglevel replaces QuietMode and FascistLogging
20#
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]21SyslogFacility AUTH
Damien Miller192bd011999-11-13 23:56:35 +1100[diff] [blame^]22LogLevel INFO
Damien Miller9ba30241999-11-11 21:07:00 +1100[diff] [blame]23
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]24#
Damien Millera37010e1999-10-29 09:18:29 +1000[diff] [blame]25# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]26#
Damien Miller9ba30241999-11-11 21:07:00 +1100[diff] [blame]27RhostsRSAAuthentication no
28
Damien Miller32265091999-11-12 11:33:04 +1100[diff] [blame]29#
30# Don't read ~/.rhosts and ~/.shosts files
31#
32IgnoreRhosts yes
Damien Miller192bd011999-11-13 23:56:35 +1100[diff] [blame^]33RhostsAuthentication no
Damien Miller32265091999-11-12 11:33:04 +1100[diff] [blame]34
35#
36# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
37#
38#IgnoreUserKnownHosts yes
39
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]40RSAAuthentication yes
41
42# To disable tunneled clear text passwords, change to no here!
43PasswordAuthentication yes
44PermitEmptyPasswords no
Damien Miller9ba30241999-11-11 21:07:00 +1100[diff] [blame]45
46#
47# Uncomment to disable s/key passwords (must be compiled with s/key support)
48#
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]49#SkeyAuthentication no
50
Damien Miller9ba30241999-11-11 21:07:00 +1100[diff] [blame]51#
52# To change Kerberos options (must be compiled with Kerberos support)
53#
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]54#KerberosAuthentication no
55#KerberosOrLocalPasswd yes
56#AFSTokenPassing no
57#KerberosTicketCleanup no
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]58# Kerberos TGT Passing does only work with the AFS kaserver
59#KerberosTgtPassing yes