Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / openssh / 34bb0c7431d4e41e506eb51cc4a39251110d3f49 / . / sshd_config
blob: 8d0af1060897d92b8c77937ed2f511ae44437ef1 [file] [log] [blame]
Ben Lindstrome9d04442001-02-10 23:26:35 +0000[diff] [blame]1# $OpenBSD: sshd_config,v 1.32 2001/02/06 22:07:50 deraadt Exp $
Ben Lindstrom36579d32001-01-29 07:39:26 +0000[diff] [blame]2
Damien Miller33804262001-02-04 23:20:18 +1100[diff] [blame]3# This is the sshd server system-wide configuration file. See sshd(8)
4# for more information.
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]5
6Port 22
Damien Miller8bb73be2000-04-19 16:26:12 +1000[diff] [blame]7#Protocol 2,1
Kevin Steves8ee4f692001-01-09 15:28:46 +0000[diff] [blame]8#ListenAddress 0.0.0.0
Damien Miller34132e52000-01-14 15:45:46 +1100[diff] [blame]9#ListenAddress ::
Damien Miller886c63a2000-01-20 23:13:36 +1100[diff] [blame]10HostKey /etc/ssh_host_key
Damien Miller0bc1bd82000-11-13 22:57:25 +1100[diff] [blame]11HostKey /etc/ssh_host_dsa_key
Kevin Steves8ee4f692001-01-09 15:28:46 +0000[diff] [blame]12#HostKey /etc/ssh_host_rsa_key
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]13ServerKeyBits 768
14LoginGraceTime 600
15KeyRegenerationInterval 3600
16PermitRootLogin yes
Damien Miller886c63a2000-01-20 23:13:36 +1100[diff] [blame]17#
18# Don't read ~/.rhosts and ~/.shosts files
19IgnoreRhosts yes
20# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
21#IgnoreUserKnownHosts yes
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]22StrictModes yes
Damien Miller32265091999-11-12 11:33:04 +1100[diff] [blame]23X11Forwarding no
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]24X11DisplayOffset 10
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]25PrintMotd yes
26KeepAlive yes
Damien Miller192bd011999-11-13 23:56:35 +1100[diff] [blame]27
Damien Miller886c63a2000-01-20 23:13:36 +1100[diff] [blame]28# Logging
Kevin Steves8ee4f692001-01-09 15:28:46 +0000[diff] [blame]29SyslogFacility AUTH
Damien Miller192bd011999-11-13 23:56:35 +1100[diff] [blame]30LogLevel INFO
Damien Miller886c63a2000-01-20 23:13:36 +1100[diff] [blame]31#obsoletes QuietMode and FascistLogging
Damien Miller9ba30241999-11-11 21:07:00 +1100[diff] [blame]32
Damien Miller192bd011999-11-13 23:56:35 +1100[diff] [blame]33RhostsAuthentication no
Damien Miller32265091999-11-12 11:33:04 +1100[diff] [blame]34#
Damien Miller886c63a2000-01-20 23:13:36 +1100[diff] [blame]35# For this to work you will also need host keys in /etc/ssh_known_hosts
36RhostsRSAAuthentication no
Damien Miller32265091999-11-12 11:33:04 +1100[diff] [blame]37#
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]38RSAAuthentication yes
39
40# To disable tunneled clear text passwords, change to no here!
41PasswordAuthentication yes
42PermitEmptyPasswords no
Damien Miller33804262001-02-04 23:20:18 +1100[diff] [blame]43
Damien Miller886c63a2000-01-20 23:13:36 +1100[diff] [blame]44# Uncomment to disable s/key passwords
Ben Lindstrome9d04442001-02-10 23:26:35 +0000[diff] [blame]45#ChallengeResponseAuthentication no
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]46
Damien Miller886c63a2000-01-20 23:13:36 +1100[diff] [blame]47# To change Kerberos options
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]48#KerberosAuthentication no
49#KerberosOrLocalPasswd yes
50#AFSTokenPassing no
51#KerberosTicketCleanup no
Damien Miller886c63a2000-01-20 23:13:36 +1100[diff] [blame]52
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]53# Kerberos TGT Passing does only work with the AFS kaserver
54#KerberosTgtPassing yes
Damien Miller886c63a2000-01-20 23:13:36 +1100[diff] [blame]55
Kevin Steves8ee4f692001-01-09 15:28:46 +0000[diff] [blame]56#CheckMail yes
Damien Millerc30d35c2000-08-30 09:40:09 +1100[diff] [blame]57#UseLogin no
Damien Millerf6d9e222000-06-18 14:50:44 +1000[diff] [blame]58
Damien Miller942da032000-08-18 13:59:06 +1000[diff] [blame]59#MaxStartups 10:30:60
Ben Lindstrom48bd7c12001-01-09 00:35:42 +0000[diff] [blame]60#Banner /etc/issue.net
Damien Miller33804262001-02-04 23:20:18 +1100[diff] [blame]61#ReverseMappingCheck yes
Ben Lindstrome9d04442001-02-10 23:26:35 +0000[diff] [blame]62
63Subsystem sftp /usr/libexec/sftp-server