Damien Miller | d4a8b7e | 1999-10-27 13:42:43 +1000 | [diff] [blame] | 1 | # This is ssh server systemwide configuration file. |
| 2 | |
| 3 | Port 22 |
| 4 | ListenAddress 0.0.0.0 |
Damien Miller | a37010e | 1999-10-29 09:18:29 +1000 | [diff] [blame] | 5 | HostKey /etc/ssh/ssh_host_key |
Damien Miller | d4a8b7e | 1999-10-27 13:42:43 +1000 | [diff] [blame] | 6 | ServerKeyBits 768 |
| 7 | LoginGraceTime 600 |
| 8 | KeyRegenerationInterval 3600 |
| 9 | PermitRootLogin yes |
Damien Miller | 9ba3024 | 1999-11-11 21:07:00 +1100 | [diff] [blame^] | 10 | |
| 11 | # |
| 12 | # Loglevel replaces QuietMode and FascistLogging |
| 13 | # |
| 14 | LogLevel INFO |
| 15 | |
Damien Miller | d4a8b7e | 1999-10-27 13:42:43 +1000 | [diff] [blame] | 16 | # |
| 17 | # Don't read ~/.rhosts and ~/.shosts files |
| 18 | IgnoreRhosts yes |
| 19 | StrictModes yes |
Damien Miller | d4a8b7e | 1999-10-27 13:42:43 +1000 | [diff] [blame] | 20 | X11Forwarding yes |
| 21 | X11DisplayOffset 10 |
| 22 | FascistLogging no |
| 23 | PrintMotd yes |
| 24 | KeepAlive yes |
Damien Miller | 9ba3024 | 1999-11-11 21:07:00 +1100 | [diff] [blame^] | 25 | CheckMail no |
| 26 | UseLogin no |
Damien Miller | d4a8b7e | 1999-10-27 13:42:43 +1000 | [diff] [blame] | 27 | SyslogFacility AUTH |
| 28 | RhostsAuthentication no |
Damien Miller | 9ba3024 | 1999-11-11 21:07:00 +1100 | [diff] [blame^] | 29 | |
Damien Miller | d4a8b7e | 1999-10-27 13:42:43 +1000 | [diff] [blame] | 30 | # |
Damien Miller | a37010e | 1999-10-29 09:18:29 +1000 | [diff] [blame] | 31 | # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts |
Damien Miller | d4a8b7e | 1999-10-27 13:42:43 +1000 | [diff] [blame] | 32 | # |
Damien Miller | 9ba3024 | 1999-11-11 21:07:00 +1100 | [diff] [blame^] | 33 | RhostsRSAAuthentication no |
| 34 | |
Damien Miller | d4a8b7e | 1999-10-27 13:42:43 +1000 | [diff] [blame] | 35 | RSAAuthentication yes |
| 36 | |
| 37 | # To disable tunneled clear text passwords, change to no here! |
| 38 | PasswordAuthentication yes |
| 39 | PermitEmptyPasswords no |
Damien Miller | 9ba3024 | 1999-11-11 21:07:00 +1100 | [diff] [blame^] | 40 | |
| 41 | # |
| 42 | # Uncomment to disable s/key passwords (must be compiled with s/key support) |
| 43 | # |
Damien Miller | d4a8b7e | 1999-10-27 13:42:43 +1000 | [diff] [blame] | 44 | #SkeyAuthentication no |
| 45 | |
Damien Miller | 9ba3024 | 1999-11-11 21:07:00 +1100 | [diff] [blame^] | 46 | # |
| 47 | # To change Kerberos options (must be compiled with Kerberos support) |
| 48 | # |
Damien Miller | d4a8b7e | 1999-10-27 13:42:43 +1000 | [diff] [blame] | 49 | #KerberosAuthentication no |
| 50 | #KerberosOrLocalPasswd yes |
| 51 | #AFSTokenPassing no |
| 52 | #KerberosTicketCleanup no |
Damien Miller | d4a8b7e | 1999-10-27 13:42:43 +1000 | [diff] [blame] | 53 | # Kerberos TGT Passing does only work with the AFS kaserver |
| 54 | #KerberosTgtPassing yes |