blob: b89b19fc8e6fdff6f3edf2897ffb3c7670c41acb [file] [log] [blame]
Damien Millerd4a8b7e1999-10-27 13:42:43 +10001# This is ssh server systemwide configuration file.
2
3Port 22
Damien Miller8bb73be2000-04-19 16:26:12 +10004#Protocol 2,1
Damien Millerd4a8b7e1999-10-27 13:42:43 +10005ListenAddress 0.0.0.0
Damien Miller34132e52000-01-14 15:45:46 +11006#ListenAddress ::
Damien Miller886c63a2000-01-20 23:13:36 +11007HostKey /etc/ssh_host_key
Damien Millerd4a8b7e1999-10-27 13:42:43 +10008ServerKeyBits 768
9LoginGraceTime 600
10KeyRegenerationInterval 3600
11PermitRootLogin yes
Damien Miller886c63a2000-01-20 23:13:36 +110012#
13# Don't read ~/.rhosts and ~/.shosts files
14IgnoreRhosts yes
15# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
16#IgnoreUserKnownHosts yes
Damien Millerd4a8b7e1999-10-27 13:42:43 +100017StrictModes yes
Damien Miller32265091999-11-12 11:33:04 +110018X11Forwarding no
Damien Millerd4a8b7e1999-10-27 13:42:43 +100019X11DisplayOffset 10
Damien Millerd4a8b7e1999-10-27 13:42:43 +100020PrintMotd yes
21KeepAlive yes
Damien Miller192bd011999-11-13 23:56:35 +110022
Damien Miller886c63a2000-01-20 23:13:36 +110023# Logging
Damien Millerd4a8b7e1999-10-27 13:42:43 +100024SyslogFacility AUTH
Damien Miller192bd011999-11-13 23:56:35 +110025LogLevel INFO
Damien Miller886c63a2000-01-20 23:13:36 +110026#obsoletes QuietMode and FascistLogging
Damien Miller9ba30241999-11-11 21:07:00 +110027
Damien Miller192bd011999-11-13 23:56:35 +110028RhostsAuthentication no
Damien Miller32265091999-11-12 11:33:04 +110029#
Damien Miller886c63a2000-01-20 23:13:36 +110030# For this to work you will also need host keys in /etc/ssh_known_hosts
31RhostsRSAAuthentication no
Damien Miller32265091999-11-12 11:33:04 +110032#
Damien Millerd4a8b7e1999-10-27 13:42:43 +100033RSAAuthentication yes
34
35# To disable tunneled clear text passwords, change to no here!
36PasswordAuthentication yes
37PermitEmptyPasswords no
Damien Miller886c63a2000-01-20 23:13:36 +110038# Uncomment to disable s/key passwords
Damien Millerd4a8b7e1999-10-27 13:42:43 +100039#SkeyAuthentication no
40
Damien Miller886c63a2000-01-20 23:13:36 +110041# To change Kerberos options
Damien Millerd4a8b7e1999-10-27 13:42:43 +100042#KerberosAuthentication no
43#KerberosOrLocalPasswd yes
44#AFSTokenPassing no
45#KerberosTicketCleanup no
Damien Miller886c63a2000-01-20 23:13:36 +110046
Damien Millerd4a8b7e1999-10-27 13:42:43 +100047# Kerberos TGT Passing does only work with the AFS kaserver
48#KerberosTgtPassing yes
Damien Miller886c63a2000-01-20 23:13:36 +110049
50CheckMail no
Damien Millerc30d35c2000-08-30 09:40:09 +110051#UseLogin no
Damien Millerf6d9e222000-06-18 14:50:44 +100052
53#Subsystem sftp /usr/local/sbin/sftpd
Damien Miller942da032000-08-18 13:59:06 +100054#MaxStartups 10:30:60