Blame - sshd_config - platform/external/openssh

blob: 0e469300f56d27ee8cea9025dc01c67d9d5a8048 [file] [log] [blame]

Ben Lindstrom	c4b7225	2001-06-09 01:09:51 +0000	[diff] [blame]	1	# $OpenBSD: sshd_config,v 1.40 2001/05/31 13:08:04 markus Exp $
Ben Lindstrom	36579d3	2001-01-29 07:39:26 +0000	[diff] [blame]	2
Tim Rice	59ea0a0	2001-03-10 13:50:45 -0800	[diff] [blame]	3	# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
				4
Damien Miller	3380426	2001-02-04 23:20:18 +1100	[diff] [blame]	5	# This is the sshd server system-wide configuration file. See sshd(8)
				6	# for more information.
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	7
				8	Port 22
Damien Miller	8bb73be	2000-04-19 16:26:12 +1000	[diff] [blame]	9	#Protocol 2,1
Kevin Steves	8ee4f69	2001-01-09 15:28:46 +0000	[diff] [blame]	10	#ListenAddress 0.0.0.0
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	11	#ListenAddress ::
Ben Lindstrom	c4b7225	2001-06-09 01:09:51 +0000	[diff] [blame]	12
				13	# HostKey for protocol version 1
Damien Miller	886c63a	2000-01-20 23:13:36 +1100	[diff] [blame]	14	HostKey /etc/ssh_host_key
Ben Lindstrom	c4b7225	2001-06-09 01:09:51 +0000	[diff] [blame]	15	# HostKeys for protocol version 2
Ben Lindstrom	531a445	2001-03-05 05:17:18 +0000	[diff] [blame]	16	HostKey /etc/ssh_host_rsa_key
Ben Lindstrom	4b00c8b	2001-03-05 06:05:35 +0000	[diff] [blame]	17	HostKey /etc/ssh_host_dsa_key
Ben Lindstrom	c4b7225	2001-06-09 01:09:51 +0000	[diff] [blame]	18
				19	# Lifetime and size of ephemeral version 1 server key
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	20	KeyRegenerationInterval 3600
Ben Lindstrom	c4b7225	2001-06-09 01:09:51 +0000	[diff] [blame]	21	ServerKeyBits 768
Damien Miller	192bd01	1999-11-13 23:56:35 +1100	[diff] [blame]	22
Damien Miller	886c63a	2000-01-20 23:13:36 +1100	[diff] [blame]	23	# Logging
Kevin Steves	8ee4f69	2001-01-09 15:28:46 +0000	[diff] [blame]	24	SyslogFacility AUTH
Damien Miller	192bd01	1999-11-13 23:56:35 +1100	[diff] [blame]	25	LogLevel INFO
Damien Miller	886c63a	2000-01-20 23:13:36 +1100	[diff] [blame]	26	#obsoletes QuietMode and FascistLogging
Damien Miller	9ba3024	1999-11-11 21:07:00 +1100	[diff] [blame]	27
Ben Lindstrom	c4b7225	2001-06-09 01:09:51 +0000	[diff] [blame]	28	# Authentication:
				29
				30	LoginGraceTime 600
				31	PermitRootLogin yes
				32	StrictModes yes
				33
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	34	RSAAuthentication yes
Ben Lindstrom	bfb3a0e	2001-06-05 20:25:05 +0000	[diff] [blame]	35	PubkeyAuthentication yes
				36	#AuthorizedKeysFile %h/.ssh/authorized_keys
				37	#AuthorizedKeysFile2 %h/.ssh/authorized_keys2
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	38
Ben Lindstrom	c4b7225	2001-06-09 01:09:51 +0000	[diff] [blame]	39	# rhosts authentication should not be used
				40	RhostsAuthentication no
				41	# Don't read the user's ~/.rhosts and ~/.shosts files
				42	IgnoreRhosts yes
				43	# For this to work you will also need host keys in /etc/ssh_known_hosts
				44	RhostsRSAAuthentication no
				45	# similar for protocol version 2
				46	HostbasedAuthentication no
				47	# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
				48	#IgnoreUserKnownHosts yes
				49
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	50	# To disable tunneled clear text passwords, change to no here!
				51	PasswordAuthentication yes
				52	PermitEmptyPasswords no
Damien Miller	3380426	2001-02-04 23:20:18 +1100	[diff] [blame]	53
Damien Miller	f815442	2001-04-25 22:44:14 +1000	[diff] [blame]	54	# Uncomment to disable s/key passwords
				55	#ChallengeResponseAuthentication no
				56
				57	# Uncomment to enable PAM keyboard-interactive authentication
				58	# Warning: enabling this may bypass the setting of 'PasswordAuthentication'
				59	#PAMAuthenticationViaKbdInt yes
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	60
Damien Miller	886c63a	2000-01-20 23:13:36 +1100	[diff] [blame]	61	# To change Kerberos options
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	62	#KerberosAuthentication no
				63	#KerberosOrLocalPasswd yes
				64	#AFSTokenPassing no
				65	#KerberosTicketCleanup no
Damien Miller	886c63a	2000-01-20 23:13:36 +1100	[diff] [blame]	66
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	67	# Kerberos TGT Passing does only work with the AFS kaserver
				68	#KerberosTgtPassing yes
Damien Miller	886c63a	2000-01-20 23:13:36 +1100	[diff] [blame]	69
Ben Lindstrom	c4b7225	2001-06-09 01:09:51 +0000	[diff] [blame]	70	X11Forwarding no
				71	X11DisplayOffset 10
				72	PrintMotd yes
				73	#PrintLastLog no
				74	KeepAlive yes
Kevin Steves	8ee4f69	2001-01-09 15:28:46 +0000	[diff] [blame]	75	#CheckMail yes
Damien Miller	c30d35c	2000-08-30 09:40:09 +1100	[diff] [blame]	76	#UseLogin no
Damien Miller	f6d9e22	2000-06-18 14:50:44 +1000	[diff] [blame]	77
Damien Miller	942da03	2000-08-18 13:59:06 +1000	[diff] [blame]	78	#MaxStartups 10:30:60
Ben Lindstrom	48bd7c1	2001-01-09 00:35:42 +0000	[diff] [blame]	79	#Banner /etc/issue.net
Damien Miller	3380426	2001-02-04 23:20:18 +1100	[diff] [blame]	80	#ReverseMappingCheck yes
Ben Lindstrom	e9d0444	2001-02-10 23:26:35 +0000	[diff] [blame]	81
				82	Subsystem sftp /usr/libexec/sftp-server