sshd_config revision 76262
1112158Sdas# $OpenBSD: sshd_config,v 1.38 2001/04/15 21:41:29 deraadt Exp $ 2112158Sdas# $FreeBSD: head/crypto/openssh/sshd_config 76262 2001-05-04 04:14:23Z green $ 3112158Sdas 4112158Sdas# This is the sshd server system-wide configuration file. See sshd(8) 5112158Sdas# for more information. 6112158Sdas 7112158SdasPort 22 8112158Sdas#Protocol 2,1 9112158Sdas#ListenAddress 0.0.0.0 10112158Sdas#ListenAddress :: 11112158SdasHostKey /etc/ssh_host_key 12112158SdasHostKey /etc/ssh_host_rsa_key 13112158SdasHostKey /etc/ssh_host_dsa_key 14112158SdasServerKeyBits 768 15112158SdasLoginGraceTime 120 16112158SdasKeyRegenerationInterval 3600 17112158SdasPermitRootLogin no 18112158Sdas# ConnectionsPerPeriod has been deprecated completely 19112158Sdas 20112158Sdas# After 10 unauthenticated connections, refuse 30% of the new ones, and 21112158Sdas# refuse any more than 60 total. 22112158SdasMaxStartups 10:30:60 23112158Sdas# Don't read ~/.rhosts and ~/.shosts files 24112158SdasIgnoreRhosts yes 25112158Sdas# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication 26112158Sdas#IgnoreUserKnownHosts yes 27112158SdasStrictModes yes 28112158SdasX11Forwarding yes 29112158SdasX11DisplayOffset 10 30112158SdasPrintMotd yes 31112158Sdas#PrintLastLog no 32112158SdasKeepAlive yes 33112158Sdas 34112158Sdas# Logging 35112158SdasSyslogFacility AUTH 36112158SdasLogLevel INFO 37112158Sdas#obsoletes QuietMode and FascistLogging 38112158Sdas 39112158SdasRhostsAuthentication no 40112158Sdas# 41112158Sdas# For this to work you will also need host keys in /etc/ssh_known_hosts 42112158SdasRhostsRSAAuthentication no 43112158Sdas# similar for protocol version 2 44112158SdasHostbasedAuthentication no 45112158Sdas# 46112158SdasRSAAuthentication yes 47112158Sdas 48112158Sdas# To disable tunneled clear text passwords, change to no here! 49112158SdasPasswordAuthentication yes 50112158SdasPermitEmptyPasswords no 51112158Sdas 52112158Sdas# Uncomment to disable s/key passwords 53112158Sdas#ChallengeResponseAuthentication no 54112158Sdas 55112158Sdas# To change Kerberos options 56112158Sdas#KerberosAuthentication no 57112158Sdas#KerberosOrLocalPasswd yes 58112158Sdas#AFSTokenPassing no 59187808Sdas#KerberosTicketCleanup no 60187808Sdas 61187808Sdas# Kerberos TGT Passing does only work with the AFS kaserver 62112158Sdas#KerberosTgtPassing yes 63112158Sdas 64112158SdasCheckMail yes 65112158Sdas#UseLogin no 66112158Sdas 67112158Sdas#MaxStartups 10:30:60 68112158Sdas#Banner /etc/issue.net 69112158Sdas#ReverseMappingCheck yes 70112158Sdas 71112158SdasSubsystem sftp /usr/libexec/sftp-server 72112158Sdas