sshd_config revision 99051
1# $OpenBSD: sshd_config,v 1.56 2002/06/20 23:37:12 markus Exp $ 2# $FreeBSD: head/crypto/openssh/sshd_config 99051 2002-06-29 10:55:18Z des $ 3 4# This is the sshd server system-wide configuration file. See 5# sshd_config(5) for more information. 6 7# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin 8 9# The strategy used for options in the default sshd_config shipped with 10# OpenSSH is to specify options with their default value where 11# possible, but leave them commented. Uncommented options change a 12# default value. 13 14# Note that some of FreeBSD's defaults differ from OpenBSD's, and 15# FreeBSD has a few additional options. 16 17#VersionAddendum FreeBSD-20020625 18 19#Port 22 20#Protocol 2,1 21#ListenAddress 0.0.0.0 22#ListenAddress :: 23 24# HostKey for protocol version 1 25#HostKey /etc/ssh/ssh_host_key 26# HostKeys for protocol version 2 27#HostKey /etc/ssh/ssh_host_rsa_key 28#HostKey /etc/ssh/ssh_host_dsa_key 29 30# Lifetime and size of ephemeral version 1 server key 31#KeyRegenerationInterval 3600 32#ServerKeyBits 768 33 34# Logging 35#obsoletes QuietMode and FascistLogging 36#SyslogFacility AUTH 37#LogLevel INFO 38 39# Authentication: 40 41#LoginGraceTime 120 42#PermitRootLogin no 43#StrictModes yes 44 45#RSAAuthentication yes 46#PubkeyAuthentication yes 47#AuthorizedKeysFile .ssh/authorized_keys 48 49# rhosts authentication should not be used 50#RhostsAuthentication no 51# Don't read the user's ~/.rhosts and ~/.shosts files 52#IgnoreRhosts yes 53# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts 54#RhostsRSAAuthentication no 55# similar for protocol version 2 56#HostbasedAuthentication no 57# Change to yes if you don't trust ~/.ssh/known_hosts for 58# RhostsRSAAuthentication and HostbasedAuthentication 59#IgnoreUserKnownHosts no 60 61# To disable tunneled clear text passwords, change to no here! 62#PasswordAuthentication yes 63#PermitEmptyPasswords no 64 65# Change to no to disable s/key passwords 66#ChallengeResponseAuthentication yes 67 68# Kerberos options 69#KerberosAuthentication no 70#KerberosOrLocalPasswd yes 71#KerberosTicketCleanup yes 72 73#AFSTokenPassing no 74 75# Kerberos TGT Passing only works with the AFS kaserver 76#KerberosTgtPassing no 77 78# Set this to 'yes' to enable PAM keyboard-interactive authentication 79# Warning: enabling this may bypass the setting of 'PasswordAuthentication' 80#PAMAuthenticationViaKbdInt yes 81 82#X11Forwarding yes 83#X11DisplayOffset 10 84#X11UseLocalhost yes 85#PrintMotd yes 86#PrintLastLog yes 87#KeepAlive yes 88#UseLogin no 89#UsePrivilegeSeparation yes 90#Compression yes 91 92#MaxStartups 10 93# no default banner path 94#Banner /some/path 95#VerifyReverseMapping no 96 97# override default of no subsystems 98Subsystem sftp /usr/libexec/sftp-server 99