sshd_config revision 99051 
1#	$OpenBSD: sshd_config,v 1.56 2002/06/20 23:37:12 markus Exp $
2#	$FreeBSD: head/crypto/openssh/sshd_config 99051 2002-06-29 10:55:18Z des $
3
4# This is the sshd server system-wide configuration file.  See
5# sshd_config(5) for more information.
6
7# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
8
9# The strategy used for options in the default sshd_config shipped with
10# OpenSSH is to specify options with their default value where
11# possible, but leave them commented.  Uncommented options change a
12# default value.
13
14# Note that some of FreeBSD's defaults differ from OpenBSD's, and
15# FreeBSD has a few additional options.
16
17#VersionAddendum FreeBSD-20020625
18
19#Port 22
20#Protocol 2,1
21#ListenAddress 0.0.0.0
22#ListenAddress ::
23
24# HostKey for protocol version 1
25#HostKey /etc/ssh/ssh_host_key
26# HostKeys for protocol version 2
27#HostKey /etc/ssh/ssh_host_rsa_key
28#HostKey /etc/ssh/ssh_host_dsa_key
29
30# Lifetime and size of ephemeral version 1 server key
31#KeyRegenerationInterval 3600
32#ServerKeyBits 768
33
34# Logging
35#obsoletes QuietMode and FascistLogging
36#SyslogFacility AUTH
37#LogLevel INFO
38
39# Authentication:
40
41#LoginGraceTime 120
42#PermitRootLogin no
43#StrictModes yes
44
45#RSAAuthentication yes
46#PubkeyAuthentication yes
47#AuthorizedKeysFile	.ssh/authorized_keys
48
49# rhosts authentication should not be used
50#RhostsAuthentication no
51# Don't read the user's ~/.rhosts and ~/.shosts files
52#IgnoreRhosts yes
53# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
54#RhostsRSAAuthentication no
55# similar for protocol version 2
56#HostbasedAuthentication no
57# Change to yes if you don't trust ~/.ssh/known_hosts for
58# RhostsRSAAuthentication and HostbasedAuthentication
59#IgnoreUserKnownHosts no
60
61# To disable tunneled clear text passwords, change to no here!
62#PasswordAuthentication yes
63#PermitEmptyPasswords no
64
65# Change to no to disable s/key passwords
66#ChallengeResponseAuthentication yes
67
68# Kerberos options
69#KerberosAuthentication no
70#KerberosOrLocalPasswd yes
71#KerberosTicketCleanup yes
72
73#AFSTokenPassing no
74
75# Kerberos TGT Passing only works with the AFS kaserver
76#KerberosTgtPassing no
77
78# Set this to 'yes' to enable PAM keyboard-interactive authentication 
79# Warning: enabling this may bypass the setting of 'PasswordAuthentication'
80#PAMAuthenticationViaKbdInt yes
81
82#X11Forwarding yes
83#X11DisplayOffset 10
84#X11UseLocalhost yes
85#PrintMotd yes
86#PrintLastLog yes
87#KeepAlive yes
88#UseLogin no
89#UsePrivilegeSeparation yes
90#Compression yes
91
92#MaxStartups 10
93# no default banner path
94#Banner /some/path
95#VerifyReverseMapping no
96
97# override default of no subsystems
98Subsystem	sftp	/usr/libexec/sftp-server
99