Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / openssh / e4041c9d81e55cedcc4567f3840116900b5db85e / . / sshd_config
blob: 3b88062fa3de9fb247271add62cd1e8bc2c4881a [file] [log] [blame]
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]1# This is ssh server systemwide configuration file.
2
3Port 22
Damien Miller8bb73be2000-04-19 16:26:12 +1000[diff] [blame]4#Protocol 2,1
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]5ListenAddress 0.0.0.0
Damien Miller34132e52000-01-14 15:45:46 +1100[diff] [blame]6#ListenAddress ::
Damien Miller886c63a2000-01-20 23:13:36 +1100[diff] [blame]7HostKey /etc/ssh_host_key
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]8ServerKeyBits 768
9LoginGraceTime 600
10KeyRegenerationInterval 3600
11PermitRootLogin yes
Damien Miller886c63a2000-01-20 23:13:36 +1100[diff] [blame]12#
13# Don't read ~/.rhosts and ~/.shosts files
14IgnoreRhosts yes
15# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
16#IgnoreUserKnownHosts yes
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]17StrictModes yes
Damien Miller32265091999-11-12 11:33:04 +1100[diff] [blame]18X11Forwarding no
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]19X11DisplayOffset 10
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]20PrintMotd yes
21KeepAlive yes
Damien Miller192bd011999-11-13 23:56:35 +1100[diff] [blame]22
Damien Miller886c63a2000-01-20 23:13:36 +1100[diff] [blame]23# Logging
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]24SyslogFacility AUTH
Damien Miller192bd011999-11-13 23:56:35 +1100[diff] [blame]25LogLevel INFO
Damien Miller886c63a2000-01-20 23:13:36 +1100[diff] [blame]26#obsoletes QuietMode and FascistLogging
Damien Miller9ba30241999-11-11 21:07:00 +1100[diff] [blame]27
Damien Miller192bd011999-11-13 23:56:35 +1100[diff] [blame]28RhostsAuthentication no
Damien Miller32265091999-11-12 11:33:04 +1100[diff] [blame]29#
Damien Miller886c63a2000-01-20 23:13:36 +1100[diff] [blame]30# For this to work you will also need host keys in /etc/ssh_known_hosts
31RhostsRSAAuthentication no
Damien Miller32265091999-11-12 11:33:04 +1100[diff] [blame]32#
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]33RSAAuthentication yes
34
35# To disable tunneled clear text passwords, change to no here!
36PasswordAuthentication yes
37PermitEmptyPasswords no
Damien Miller886c63a2000-01-20 23:13:36 +1100[diff] [blame]38# Uncomment to disable s/key passwords
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]39#SkeyAuthentication no
Damien Miller874d77b2000-10-14 16:23:11 +1100[diff] [blame]40#KbdInteractiveAuthentication yes
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]41
Damien Miller886c63a2000-01-20 23:13:36 +1100[diff] [blame]42# To change Kerberos options
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]43#KerberosAuthentication no
44#KerberosOrLocalPasswd yes
45#AFSTokenPassing no
46#KerberosTicketCleanup no
Damien Miller886c63a2000-01-20 23:13:36 +1100[diff] [blame]47
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame]48# Kerberos TGT Passing does only work with the AFS kaserver
49#KerberosTgtPassing yes
Damien Miller886c63a2000-01-20 23:13:36 +1100[diff] [blame]50
51CheckMail no
Damien Millerc30d35c2000-08-30 09:40:09 +1100[diff] [blame]52#UseLogin no
Damien Millerf6d9e222000-06-18 14:50:44 +1000[diff] [blame]53
Damien Miller7b28dc52000-09-05 13:34:53 +1100[diff] [blame]54# Uncomment if you want to enable sftp
55#Subsystem sftp /usr/libexec/sftp-server
Damien Miller942da032000-08-18 13:59:06 +1000[diff] [blame]56#MaxStartups 10:30:60