sshd_config revision 76262
176262Sgreen# $OpenBSD: sshd_config,v 1.38 2001/04/15 21:41:29 deraadt Exp $ 276262Sgreen# $FreeBSD: head/crypto/openssh/sshd_config 76262 2001-05-04 04:14:23Z green $ 357429Smarkm 476262Sgreen# This is the sshd server system-wide configuration file. See sshd(8) 576262Sgreen# for more information. 676262Sgreen 757429SmarkmPort 22 860576Skris#Protocol 2,1 957429Smarkm#ListenAddress 0.0.0.0 1057429Smarkm#ListenAddress :: 1176262SgreenHostKey /etc/ssh_host_key 1276262SgreenHostKey /etc/ssh_host_rsa_key 1376262SgreenHostKey /etc/ssh_host_dsa_key 1457429SmarkmServerKeyBits 768 1565022SkrisLoginGraceTime 120 1657429SmarkmKeyRegenerationInterval 3600 1757432SmarkmPermitRootLogin no 1870990Sgreen# ConnectionsPerPeriod has been deprecated completely 1969591Sgreen 2069591Sgreen# After 10 unauthenticated connections, refuse 30% of the new ones, and 2169591Sgreen# refuse any more than 60 total. 2269591SgreenMaxStartups 10:30:60 2357429Smarkm# Don't read ~/.rhosts and ~/.shosts files 2457429SmarkmIgnoreRhosts yes 2557429Smarkm# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication 2657429Smarkm#IgnoreUserKnownHosts yes 2757429SmarkmStrictModes yes 2865357SkrisX11Forwarding yes 2957429SmarkmX11DisplayOffset 10 3057429SmarkmPrintMotd yes 3176262Sgreen#PrintLastLog no 3257429SmarkmKeepAlive yes 3357429Smarkm 3457429Smarkm# Logging 3557429SmarkmSyslogFacility AUTH 3657429SmarkmLogLevel INFO 3757429Smarkm#obsoletes QuietMode and FascistLogging 3857429Smarkm 3957429SmarkmRhostsAuthentication no 4057429Smarkm# 4157429Smarkm# For this to work you will also need host keys in /etc/ssh_known_hosts 4257429SmarkmRhostsRSAAuthentication no 4376262Sgreen# similar for protocol version 2 4476262SgreenHostbasedAuthentication no 4557429Smarkm# 4657429SmarkmRSAAuthentication yes 4757429Smarkm 4857429Smarkm# To disable tunneled clear text passwords, change to no here! 4957429SmarkmPasswordAuthentication yes 5057429SmarkmPermitEmptyPasswords no 5176262Sgreen 5257429Smarkm# Uncomment to disable s/key passwords 5376262Sgreen#ChallengeResponseAuthentication no 5457429Smarkm 5557429Smarkm# To change Kerberos options 5657429Smarkm#KerberosAuthentication no 5757429Smarkm#KerberosOrLocalPasswd yes 5857429Smarkm#AFSTokenPassing no 5957429Smarkm#KerberosTicketCleanup no 6057429Smarkm 6157429Smarkm# Kerberos TGT Passing does only work with the AFS kaserver 6257429Smarkm#KerberosTgtPassing yes 6357429Smarkm 6460813SacheCheckMail yes 6557429Smarkm#UseLogin no 6665674Skris 6776262Sgreen#MaxStartups 10:30:60 6876262Sgreen#Banner /etc/issue.net 6976262Sgreen#ReverseMappingCheck yes 7076262Sgreen 7176262SgreenSubsystem sftp /usr/libexec/sftp-server 72