sshd_config revision 69591
157429Smarkm# This is ssh server systemwide configuration file. 257432Smarkm# 357432Smarkm# $FreeBSD: head/crypto/openssh/sshd_config 69591 2000-12-05 02:55:12Z green $ 457429Smarkm 557429SmarkmPort 22 660576Skris#Protocol 2,1 757429Smarkm#ListenAddress 0.0.0.0 857429Smarkm#ListenAddress :: 957493SpeterHostKey /etc/ssh/ssh_host_key 1060678SkrisHostDsaKey /etc/ssh/ssh_host_dsa_key 1157429SmarkmServerKeyBits 768 1265022SkrisLoginGraceTime 120 1357429SmarkmKeyRegenerationInterval 3600 1457432SmarkmPermitRootLogin no 1569591Sgreen# Deprecated: rate-limit sshd connections to 5 connections per 10 seconds 1669591Sgreen# ConnectionsPerPeriod 5/10 1769591Sgreen 1869591Sgreen# After 10 unauthenticated connections, refuse 30% of the new ones, and 1969591Sgreen# refuse any more than 60 total. 2069591SgreenMaxStartups 10:30:60 2157429Smarkm# Don't read ~/.rhosts and ~/.shosts files 2257429SmarkmIgnoreRhosts yes 2357429Smarkm# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication 2457429Smarkm#IgnoreUserKnownHosts yes 2557429SmarkmStrictModes yes 2665357SkrisX11Forwarding yes 2757429SmarkmX11DisplayOffset 10 2857429SmarkmPrintMotd yes 2957429SmarkmKeepAlive yes 3057429Smarkm 3157429Smarkm# Logging 3257429SmarkmSyslogFacility AUTH 3357429SmarkmLogLevel INFO 3457429Smarkm#obsoletes QuietMode and FascistLogging 3557429Smarkm 3657429SmarkmRhostsAuthentication no 3757429Smarkm# 3857429Smarkm# For this to work you will also need host keys in /etc/ssh_known_hosts 3957429SmarkmRhostsRSAAuthentication no 4057429Smarkm# 4157429SmarkmRSAAuthentication yes 4257429Smarkm 4357429Smarkm# To disable tunneled clear text passwords, change to no here! 4457429SmarkmPasswordAuthentication yes 4557429SmarkmPermitEmptyPasswords no 4657429Smarkm# Uncomment to disable s/key passwords 4757429Smarkm#SkeyAuthentication no 4869591Sgreen#KbdInteractiveAuthentication yes 4957429Smarkm 5057429Smarkm# To change Kerberos options 5157429Smarkm#KerberosAuthentication no 5257429Smarkm#KerberosOrLocalPasswd yes 5357429Smarkm#AFSTokenPassing no 5457429Smarkm#KerberosTicketCleanup no 5557429Smarkm 5657429Smarkm# Kerberos TGT Passing does only work with the AFS kaserver 5757429Smarkm#KerberosTgtPassing yes 5857429Smarkm 5960813SacheCheckMail yes 6057429Smarkm#UseLogin no 6165674Skris 6265674Skris# Uncomment if you want to enable sftp 6365674Skris#Subsystem sftp /usr/libexec/sftp-server 64