Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / openssh / 8ee4f695606fa1cb92228120c93c61f8f6863b73 / . / sshd_config
blob: ad8db2746cf1bfc165f61487953326a4ee11644d [file] [log] [blame]
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]1# This is ssh server systemwide configuration file.
2
3Port 22
Damien Miller8bb73be2000-04-19 16:26:12 +1000[diff] [blame]4#Protocol 2,1
Kevin Steves8ee4f692001-01-09 15:28:46 +0000[diff] [blame^]5#ListenAddress 0.0.0.0
Damien Miller34132e52000-01-14 15:45:46 +1100[diff] [blame]6#ListenAddress ::
Damien Miller886c63a2000-01-20 23:13:36 +1100[diff] [blame]7HostKey /etc/ssh_host_key
Damien Miller0bc1bd82000-11-13 22:57:25 +1100[diff] [blame]8HostKey /etc/ssh_host_dsa_key
Kevin Steves8ee4f692001-01-09 15:28:46 +0000[diff] [blame^]9#HostKey /etc/ssh_host_rsa_key
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]10ServerKeyBits 768
11LoginGraceTime 600
12KeyRegenerationInterval 3600
13PermitRootLogin yes
Damien Miller886c63a2000-01-20 23:13:36 +1100[diff] [blame]14#
15# Don't read ~/.rhosts and ~/.shosts files
16IgnoreRhosts yes
17# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
18#IgnoreUserKnownHosts yes
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]19StrictModes yes
Damien Miller32265091999-11-12 11:33:04 +1100[diff] [blame]20X11Forwarding no
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]21X11DisplayOffset 10
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]22PrintMotd yes
23KeepAlive yes
Damien Miller192bd011999-11-13 23:56:35 +1100[diff] [blame]24
Damien Miller886c63a2000-01-20 23:13:36 +1100[diff] [blame]25# Logging
Kevin Steves8ee4f692001-01-09 15:28:46 +0000[diff] [blame^]26SyslogFacility AUTH
Damien Miller192bd011999-11-13 23:56:35 +1100[diff] [blame]27LogLevel INFO
Damien Miller886c63a2000-01-20 23:13:36 +1100[diff] [blame]28#obsoletes QuietMode and FascistLogging
Damien Miller9ba30241999-11-11 21:07:00 +1100[diff] [blame]29
Damien Miller192bd011999-11-13 23:56:35 +1100[diff] [blame]30RhostsAuthentication no
Damien Miller32265091999-11-12 11:33:04 +1100[diff] [blame]31#
Damien Miller886c63a2000-01-20 23:13:36 +1100[diff] [blame]32# For this to work you will also need host keys in /etc/ssh_known_hosts
33RhostsRSAAuthentication no
Damien Miller32265091999-11-12 11:33:04 +1100[diff] [blame]34#
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]35RSAAuthentication yes
36
37# To disable tunneled clear text passwords, change to no here!
38PasswordAuthentication yes
39PermitEmptyPasswords no
Damien Miller886c63a2000-01-20 23:13:36 +1100[diff] [blame]40# Uncomment to disable s/key passwords
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]41#SkeyAuthentication no
Damien Miller874d77b2000-10-14 16:23:11 +1100[diff] [blame]42#KbdInteractiveAuthentication yes
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]43
Damien Miller886c63a2000-01-20 23:13:36 +1100[diff] [blame]44# To change Kerberos options
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]45#KerberosAuthentication no
46#KerberosOrLocalPasswd yes
47#AFSTokenPassing no
48#KerberosTicketCleanup no
Damien Miller886c63a2000-01-20 23:13:36 +1100[diff] [blame]49
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]50# Kerberos TGT Passing does only work with the AFS kaserver
51#KerberosTgtPassing yes
Damien Miller886c63a2000-01-20 23:13:36 +1100[diff] [blame]52
Kevin Steves8ee4f692001-01-09 15:28:46 +0000[diff] [blame^]53#CheckMail yes
Damien Millerc30d35c2000-08-30 09:40:09 +1100[diff] [blame]54#UseLogin no
Damien Millerf6d9e222000-06-18 14:50:44 +1000[diff] [blame]55
Damien Miller7b28dc52000-09-05 13:34:53 +1100[diff] [blame]56# Uncomment if you want to enable sftp
57#Subsystem sftp /usr/libexec/sftp-server
Damien Miller942da032000-08-18 13:59:06 +1000[diff] [blame]58#MaxStartups 10:30:60
Ben Lindstrom48bd7c12001-01-09 00:35:42 +0000[diff] [blame]59#Banner /etc/issue.net