Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / openssh / 34132e54cbd221d17d373fc54f4e3f7b85727f7f / . / sshd_config.in
blob: cb2c56e05a3ef2fc57560d2cf192115cac7701b5 [file] [log] [blame]
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]1# This is ssh server systemwide configuration file.
2
3Port 22
4ListenAddress 0.0.0.0
Damien Miller34132e52000-01-14 15:45:46 +1100[diff] [blame^]5#ListenAddress ::
Damien Millerc0d73901999-12-27 09:23:58 +1100[diff] [blame]6HostKey @sysconfdir@/ssh_host_key
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]7ServerKeyBits 768
8LoginGraceTime 600
9KeyRegenerationInterval 3600
10PermitRootLogin yes
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]11StrictModes yes
Damien Miller32265091999-11-12 11:33:04 +1100[diff] [blame]12X11Forwarding no
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]13X11DisplayOffset 10
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]14PrintMotd yes
15KeepAlive yes
Damien Miller9ba30241999-11-11 21:07:00 +1100[diff] [blame]16CheckMail no
17UseLogin no
Damien Miller192bd011999-11-13 23:56:35 +1100[diff] [blame]18
19#
20# Loglevel replaces QuietMode and FascistLogging
21#
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]22SyslogFacility AUTH
Damien Miller192bd011999-11-13 23:56:35 +1100[diff] [blame]23LogLevel INFO
Damien Miller9ba30241999-11-11 21:07:00 +1100[diff] [blame]24
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]25#
Damien Millera37010e1999-10-29 09:18:29 +1000[diff] [blame]26# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]27#
Damien Miller9ba30241999-11-11 21:07:00 +1100[diff] [blame]28RhostsRSAAuthentication no
29
Damien Miller32265091999-11-12 11:33:04 +1100[diff] [blame]30#
31# Don't read ~/.rhosts and ~/.shosts files
32#
33IgnoreRhosts yes
Damien Miller192bd011999-11-13 23:56:35 +1100[diff] [blame]34RhostsAuthentication no
Damien Miller32265091999-11-12 11:33:04 +1100[diff] [blame]35
36#
37# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
38#
39#IgnoreUserKnownHosts yes
40
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]41RSAAuthentication yes
42
43# To disable tunneled clear text passwords, change to no here!
44PasswordAuthentication yes
45PermitEmptyPasswords no
Damien Miller9ba30241999-11-11 21:07:00 +1100[diff] [blame]46
47#
48# Uncomment to disable s/key passwords (must be compiled with s/key support)
49#
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]50#SkeyAuthentication no
51
Damien Miller9ba30241999-11-11 21:07:00 +1100[diff] [blame]52#
53# To change Kerberos options (must be compiled with Kerberos support)
54#
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]55#KerberosAuthentication no
56#KerberosOrLocalPasswd yes
57#AFSTokenPassing no
58#KerberosTicketCleanup no
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]59# Kerberos TGT Passing does only work with the AFS kaserver
60#KerberosTgtPassing yes