sshd_config.0 revision 180740
SSHD_CONFIG(5)            OpenBSD Programmer's Manual            SSHD_CONFIG(5)

NAME
     sshd_config - OpenSSH SSH daemon configuration file

SYNOPSIS
     /etc/ssh/sshd_config

DESCRIPTION
     sshd(8) reads configuration data from /etc/ssh/sshd_config (or the file
     specified with -f on the command line).  The file contains
     keyword-argument pairs, one per line.  Lines starting with `#' and empty
     lines are interpreted as comments.  Arguments may optionally be enclosed
     in double quotes (") in order to represent arguments containing spaces.

     The possible keywords and their meanings are as follows (note that
     keywords are case-insensitive and arguments are case-sensitive):

     AcceptEnv
             Specifies what environment variables sent by the client will be
             copied into the session's environ(7).  See SendEnv in
             ssh_config(5) for how to configure the client.  Note that
             environment passing is only supported for protocol 2.  Variables
             are specified by name, which may contain the wildcard characters
             `*' and `?'.  Multiple environment variables may be separated by
             whitespace or spread across multiple AcceptEnv directives.  Be
             warned that some environment variables could be used to bypass
             restricted user environments.  For this reason, care should be
             taken in the use of this directive.  The default is not to accept
             any environment variables.

     AddressFamily
             Specifies which address family should be used by sshd(8).  Valid
             arguments are ``any'', ``inet'' (use IPv4 only), or ``inet6''
             (use IPv6 only).  The default is ``any''.

     AllowGroups
             This keyword can be followed by a list of group name patterns,
             separated by spaces.  If specified, login is allowed only for
             users whose primary group or supplementary group list matches one
             of the patterns.  Only group names are valid; a numerical group
             ID is not recognized.  By default, login is allowed for all
             groups.
             The allow/deny directives are processed in the following order:
             DenyUsers, AllowUsers, DenyGroups, and finally AllowGroups.

             See PATTERNS in ssh_config(5) for more information on patterns.

     AllowTcpForwarding
             Specifies whether TCP forwarding is permitted.  The default is
             ``yes''.  Note that disabling TCP forwarding does not improve
             security unless users are also denied shell access, as they can
             always install their own forwarders.

     AllowUsers
             This keyword can be followed by a list of user name patterns,
             separated by spaces.  If specified, login is allowed only for
             user names that match one of the patterns.  Only user names are
             valid; a numerical user ID is not recognized.  By default, login
             is allowed for all users.  If the pattern takes the form
             USER@HOST then USER and HOST are separately checked, restricting
             logins to particular users from particular hosts.  The allow/deny
             directives are processed in the following order: DenyUsers,
             AllowUsers, DenyGroups, and finally AllowGroups.

             See PATTERNS in ssh_config(5) for more information on patterns.

     AuthorizedKeysFile
             Specifies the file that contains the public keys that can be used
             for user authentication.  AuthorizedKeysFile may contain tokens
             of the form %T which are substituted during connection setup.
             The following tokens are defined: %% is replaced by a literal
             '%', %h is replaced by the home directory of the user being
             authenticated, and %u is replaced by the username of that user.
             After expansion, AuthorizedKeysFile is taken to be an absolute
             path or one relative to the user's home directory.  The default
             is ``.ssh/authorized_keys''.

     Banner  In some jurisdictions, sending a warning message before
             authentication may be relevant for getting legal protection.  The
             contents of the specified file are sent to the remote user before
             authentication is allowed.
             This option is only available for protocol version 2.  By
             default, no banner is displayed.

     ChallengeResponseAuthentication
             Specifies whether challenge-response authentication is allowed.
             All authentication styles from login.conf(5) are supported.  The
             default is ``yes''.

     Ciphers
             Specifies the ciphers allowed for protocol version 2.  Multiple
             ciphers must be comma-separated.  The supported ciphers are
             ``3des-cbc'', ``aes128-cbc'', ``aes192-cbc'', ``aes256-cbc'',
             ``aes128-ctr'', ``aes192-ctr'', ``aes256-ctr'', ``arcfour128'',
             ``arcfour256'', ``arcfour'', ``blowfish-cbc'', and
             ``cast128-cbc''.  The default is:

                aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,
                arcfour256,arcfour,aes192-cbc,aes256-cbc,aes128-ctr,
                aes192-ctr,aes256-ctr

     ClientAliveCountMax
             Sets the number of client alive messages (see below) which may be
             sent without sshd(8) receiving any messages back from the client.
             If this threshold is reached while client alive messages are
             being sent, sshd will disconnect the client, terminating the
             session.  It is important to note that the use of client alive
             messages is very different from TCPKeepAlive (below).  The client
             alive messages are sent through the encrypted channel and
             therefore will not be spoofable.  The TCP keepalive option
             enabled by TCPKeepAlive is spoofable.  The client alive mechanism
             is valuable when the client or server depend on knowing when a
             connection has become inactive.

             The default value is 3.  If ClientAliveInterval (see below) is
             set to 15, and ClientAliveCountMax is left at the default,
             unresponsive SSH clients will be disconnected after approximately
             45 seconds.  This option applies to protocol version 2 only.
     ClientAliveInterval
             Sets a timeout interval in seconds after which if no data has
             been received from the client, sshd(8) will send a message
             through the encrypted channel to request a response from the
             client.  The default is 0, indicating that these messages will
             not be sent to the client.  This option applies to protocol
             version 2 only.

     Compression
             Specifies whether compression is allowed, or delayed until the
             user has authenticated successfully.  The argument must be
             ``yes'', ``delayed'', or ``no''.  The default is ``delayed''.

     DenyGroups
             This keyword can be followed by a list of group name patterns,
             separated by spaces.  Login is disallowed for users whose primary
             group or supplementary group list matches one of the patterns.
             Only group names are valid; a numerical group ID is not
             recognized.  By default, login is allowed for all groups.  The
             allow/deny directives are processed in the following order:
             DenyUsers, AllowUsers, DenyGroups, and finally AllowGroups.

             See PATTERNS in ssh_config(5) for more information on patterns.

     DenyUsers
             This keyword can be followed by a list of user name patterns,
             separated by spaces.  Login is disallowed for user names that
             match one of the patterns.  Only user names are valid; a
             numerical user ID is not recognized.  By default, login is
             allowed for all users.  If the pattern takes the form USER@HOST
             then USER and HOST are separately checked, restricting logins to
             particular users from particular hosts.  The allow/deny
             directives are processed in the following order: DenyUsers,
             AllowUsers, DenyGroups, and finally AllowGroups.

             See PATTERNS in ssh_config(5) for more information on patterns.

     ForceCommand
             Forces the execution of the command specified by ForceCommand,
             ignoring any command supplied by the client.
             The command is invoked by using the user's login shell with the
             -c option.  This applies to shell, command, or subsystem
             execution.  It is most useful inside a Match block.  The command
             originally supplied by the client is available in the
             SSH_ORIGINAL_COMMAND environment variable.

     GatewayPorts
             Specifies whether remote hosts are allowed to connect to ports
             forwarded for the client.  By default, sshd(8) binds remote port
             forwardings to the loopback address.  This prevents other remote
             hosts from connecting to forwarded ports.  GatewayPorts can be
             used to specify that sshd should allow remote port forwardings to
             bind to non-loopback addresses, thus allowing other hosts to
             connect.  The argument may be ``no'' to force remote port
             forwardings to be available to the local host only, ``yes'' to
             force remote port forwardings to bind to the wildcard address, or
             ``clientspecified'' to allow the client to select the address to
             which the forwarding is bound.  The default is ``no''.

     GSSAPIAuthentication
             Specifies whether user authentication based on GSSAPI is allowed.
             The default is ``no''.  Note that this option applies to protocol
             version 2 only.

     GSSAPICleanupCredentials
             Specifies whether to automatically destroy the user's credentials
             cache on logout.  The default is ``yes''.  Note that this option
             applies to protocol version 2 only.

     HostbasedAuthentication
             Specifies whether rhosts or /etc/hosts.equiv authentication
             together with successful public key client host authentication
             is allowed (host-based authentication).  This option is similar
             to RhostsRSAAuthentication and applies to protocol version 2
             only.  The default is ``no''.
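     The following is an added example, not part of this man page or of
     OpenSSH, that works through the DenyUsers, AllowUsers, DenyGroups,
     AllowGroups evaluation order documented above for a handful of
     constructed login attempts.  It assumes patterns use only the `*' and
     `?' wildcards (the `!' negation from PATTERNS in ssh_config(5) is not
     implemented), and it matches the HOST half of a USER@HOST pattern
     against the single host string the caller passes in.  The policy and
     the attempts are invented for the demonstration.

```python
# Added example; not part of the sshd_config(5) man page or of OpenSSH.
# Evaluates the documented order DenyUsers, AllowUsers, DenyGroups,
# AllowGroups for hypothetical logins.  Assumptions: only `*' and `?'
# wildcards; HOST in USER@HOST is matched against the one host string
# supplied by the caller (name or address).
from fnmatch import fnmatchcase


def _user_matches(user, host, patterns):
    """True if any AllowUsers/DenyUsers pattern matches the login.
    A USER@HOST pattern checks the two halves separately."""
    for pat in patterns:
        if "@" in pat:
            user_pat, host_pat = pat.split("@", 1)
            if fnmatchcase(user, user_pat) and fnmatchcase(host, host_pat):
                return True
        elif fnmatchcase(user, pat):
            return True
    return False


def _group_matches(groups, patterns):
    """True if the primary or any supplementary group matches a pattern."""
    return any(fnmatchcase(g, pat) for g in groups for pat in patterns)


def login_allowed(user, host, groups, deny_users=(), allow_users=(),
                  deny_groups=(), allow_groups=()):
    """Return (allowed, reason).  `groups' is the primary group followed
    by the supplementary groups.  An empty directive is an unset keyword
    and imposes no restriction; a non-empty Allow* directive becomes a
    whitelist and everything not listed is refused."""
    if _user_matches(user, host, deny_users):
        return False, "DenyUsers"
    if allow_users and not _user_matches(user, host, allow_users):
        return False, "AllowUsers"
    if _group_matches(groups, deny_groups):
        return False, "DenyGroups"
    if allow_groups and not _group_matches(groups, allow_groups):
        return False, "AllowGroups"
    return True, "allowed"


# Constructed sample policy, of the kind written for a bastion host.
POLICY = dict(
    deny_users=["guest", "*@10.0.99.*"],     # no guest; nothing from the lab net
    allow_users=["alice", "bob@10.0.1.*", "ops-*"],
    deny_groups=["contractors"],
    allow_groups=["wheel", "ops"],
)

# Constructed login attempts: (user, host, groups).
ATTEMPTS = [
    ("alice", "10.0.1.5", ["wheel"]),
    ("alice", "10.0.99.7", ["wheel"]),       # DenyUsers is checked first
    ("bob", "10.0.2.5", ["wheel"]),          # wrong source host for bob@...
    ("bob", "10.0.1.9", ["users"]),          # listed user, no allowed group
    ("ops-deploy", "10.0.1.9", ["ops", "contractors"]),  # DenyGroups before AllowGroups
    ("root", "10.0.1.5", ["wheel"]),         # not in AllowUsers at all
]


def evaluate(policy=POLICY, attempts=ATTEMPTS):
    """Run every attempt through the policy.
    Returns a list of (user, host, allowed, reason)."""
    return [(u, h) + login_allowed(u, h, g, **policy) for u, h, g in attempts]


if __name__ == "__main__":
    for user, host, ok, why in evaluate():
        print(f"{user:>11} from {host:<10} {'ALLOW' if ok else 'DENY':5} {why}")
```

     The point the attempts make: a DenyUsers match is final even when the
     user is also in AllowUsers, and a user who passes the user checks can
     still be refused by the group checks, so the four lists must be read
     together rather than one at a time.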
     HostbasedUsesNameFromPacketOnly
             Specifies whether or not the server will attempt to perform a
             reverse name lookup when matching the name in the ~/.shosts,
             ~/.rhosts, and /etc/hosts.equiv files during
             HostbasedAuthentication.  A setting of ``yes'' means that sshd(8)
             uses the name supplied by the client rather than attempting to
             resolve the name from the TCP connection itself.  The default is
             ``no''.

     HostKey
             Specifies a file containing a private host key used by SSH.  The
             default is /etc/ssh/ssh_host_key for protocol version 1, and
             /etc/ssh/ssh_host_rsa_key and /etc/ssh/ssh_host_dsa_key for
             protocol version 2.  Note that sshd(8) will refuse to use a file
             if it is group/world-accessible.  It is possible to have multiple
             host key files.  ``rsa1'' keys are used for version 1 and ``dsa''
             or ``rsa'' are used for version 2 of the SSH protocol.

     IgnoreRhosts
             Specifies that .rhosts and .shosts files will not be used in
             RhostsRSAAuthentication or HostbasedAuthentication.

             /etc/hosts.equiv and /etc/shosts.equiv are still used.  The
             default is ``yes''.

     IgnoreUserKnownHosts
             Specifies whether sshd(8) should ignore the user's
             ~/.ssh/known_hosts during RhostsRSAAuthentication or
             HostbasedAuthentication.  The default is ``no''.

     KerberosAuthentication
             Specifies whether the password provided by the user for
             PasswordAuthentication will be validated through the Kerberos
             KDC.  To use this option, the server needs a Kerberos servtab
             which allows the verification of the KDC's identity.  The default
             is ``no''.

     KerberosGetAFSToken
             If AFS is active and the user has a Kerberos 5 TGT, attempt to
             acquire an AFS token before accessing the user's home directory.
             The default is ``no''.
     KerberosOrLocalPasswd
             If password authentication through Kerberos fails then the
             password will be validated via any additional local mechanism
             such as /etc/passwd.  The default is ``yes''.

     KerberosTicketCleanup
             Specifies whether to automatically destroy the user's ticket
             cache file on logout.  The default is ``yes''.

     KeyRegenerationInterval
             In protocol version 1, the ephemeral server key is automatically
             regenerated after this many seconds (if it has been used).  The
             purpose of regeneration is to prevent decrypting captured
             sessions by later breaking into the machine and stealing the
             keys.  The key is never stored anywhere.  If the value is 0, the
             key is never regenerated.  The default is 3600 (seconds).

     ListenAddress
             Specifies the local addresses sshd(8) should listen on.  The
             following forms may be used:

                   ListenAddress host|IPv4_addr|IPv6_addr
                   ListenAddress host|IPv4_addr:port
                   ListenAddress [host|IPv6_addr]:port

             If port is not specified, sshd will listen on the address and all
             prior Port options specified.  The default is to listen on all
             local addresses.  Multiple ListenAddress options are permitted.
             Additionally, any Port options must precede this option for
             non-port qualified addresses.

     LoginGraceTime
             The server disconnects after this time if the user has not
             successfully logged in.  If the value is 0, there is no time
             limit.  The default is 120 seconds.

     LogLevel
             Gives the verbosity level that is used when logging messages from
             sshd(8).  The possible values are: QUIET, FATAL, ERROR, INFO,
             VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3.  The default is INFO.
             DEBUG and DEBUG1 are equivalent.  DEBUG2 and DEBUG3 each specify
             higher levels of debugging output.  Logging with a DEBUG level
             violates the privacy of users and is not recommended.
     MACs    Specifies the available MAC (message authentication code)
             algorithms.  The MAC algorithm is used in protocol version 2 for
             data integrity protection.  Multiple algorithms must be
             comma-separated.  The default is:
             ``hmac-md5,hmac-sha1,hmac-ripemd160,hmac-sha1-96,hmac-md5-96''.

     Match   Introduces a conditional block.  If all of the criteria on the
             Match line are satisfied, the keywords on the following lines
             override those set in the global section of the config file,
             until either another Match line or the end of the file.  The
             arguments to Match are one or more criteria-pattern pairs.  The
             available criteria are User, Group, Host, and Address.  Only a
             subset of keywords may be used on the lines following a Match
             keyword.  Available keywords are AllowTcpForwarding, Banner,
             ForceCommand, GatewayPorts, GSSAPIAuthentication,
             KbdInteractiveAuthentication, KerberosAuthentication,
             PasswordAuthentication, PermitOpen, RhostsRSAAuthentication,
             RSAAuthentication, X11DisplayOffset, X11Forwarding, and
             X11UseLocalhost.

     MaxAuthTries
             Specifies the maximum number of authentication attempts permitted
             per connection.  Once the number of failures reaches half this
             value, additional failures are logged.  The default is 6.

     MaxStartups
             Specifies the maximum number of concurrent unauthenticated
             connections to the SSH daemon.  Additional connections will be
             dropped until authentication succeeds or the LoginGraceTime
             expires for a connection.  The default is 10.

             Alternatively, random early drop can be enabled by specifying the
             three colon separated values ``start:rate:full'' (e.g.
             "10:30:60").  sshd(8) will refuse connection attempts with a
             probability of ``rate/100'' (30%) if there are currently
             ``start'' (10) unauthenticated connections.
             The probability increases linearly and all connection attempts
             are refused if the number of unauthenticated connections reaches
             ``full'' (60).

     PasswordAuthentication
             Specifies whether password authentication is allowed.  The
             default is ``yes''.

     PermitEmptyPasswords
             When password authentication is allowed, it specifies whether the
             server allows login to accounts with empty password strings.  The
             default is ``no''.

     PermitOpen
             Specifies the destinations to which TCP port forwarding is
             permitted.  The forwarding specification must be one of the
             following forms:

                   PermitOpen host:port
                   PermitOpen IPv4_addr:port
                   PermitOpen [IPv6_addr]:port

             Multiple forwards may be specified by separating them with
             whitespace.  An argument of ``any'' can be used to remove all
             restrictions and permit any forwarding requests.  By default all
             port forwarding requests are permitted.

     PermitRootLogin
             Specifies whether root can log in using ssh(1).  The argument
             must be ``yes'', ``without-password'', ``forced-commands-only'',
             or ``no''.  The default is ``yes''.

             If this option is set to ``without-password'', password
             authentication is disabled for root.

             If this option is set to ``forced-commands-only'', root login
             with public key authentication will be allowed, but only if the
             command option has been specified (which may be useful for taking
             remote backups even if root login is normally not allowed).  All
             other authentication methods are disabled for root.

             If this option is set to ``no'', root is not allowed to log in.

     PermitTunnel
             Specifies whether tun(4) device forwarding is allowed.  The
             argument must be ``yes'', ``point-to-point'' (layer 3),
             ``ethernet'' (layer 2), or ``no''.  Specifying ``yes'' permits
             both ``point-to-point'' and ``ethernet''.  The default is ``no''.
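     The following is an added example, not code from this man page or from
     OpenSSH, that tabulates the MaxStartups random early drop schedule
     described above so a ``start:rate:full'' value can be reviewed before it
     is deployed.  The man page gives the two end points (rate% at start,
     100% at full) and says the rise between them is linear; the exact
     arithmetic, the treatment of a bare number as start=full, and the
     argument validation are this example's own choices, not statements
     about sshd(8).

```python
# Added example; not part of the sshd_config(5) man page or of OpenSSH.
# Models the MaxStartups ``start:rate:full'' random early drop schedule.
# Assumptions: rate% refused at exactly `start' unauthenticated
# connections, rising linearly to 100% at `full', nothing refused below
# `start'.  A bare number N is modelled as start=full=N (hard limit).
import random
from dataclasses import dataclass


@dataclass(frozen=True)
class MaxStartups:
    start: int
    rate: int    # percent refused at `start'
    full: int

    @classmethod
    def parse(cls, value):
        """Parse ``10'' (hard limit) or ``10:30:60'' (random early drop)."""
        parts = value.split(":")
        if len(parts) == 1:
            n = int(parts[0])
            return cls(n, 100, n)
        if len(parts) != 3:
            raise ValueError(f"MaxStartups: expected N or start:rate:full, got {value!r}")
        start, rate, full = (int(p) for p in parts)
        if not (0 < start <= full) or not (0 <= rate <= 100):
            raise ValueError(f"MaxStartups: inconsistent values {value!r}")
        return cls(start, rate, full)

    def drop_probability(self, unauthenticated):
        """Fraction of new connections refused at this load (0.0 .. 1.0)."""
        if unauthenticated < self.start:
            return 0.0
        if unauthenticated >= self.full:
            return 1.0
        span = self.full - self.start
        done = unauthenticated - self.start
        return (self.rate + (100 - self.rate) * done / span) / 100

    def should_drop(self, unauthenticated, draw=random.random):
        """One admission decision for a new connection at the given load.
        `draw' returns a uniform float in [0, 1); injectable for testing."""
        return draw() < self.drop_probability(unauthenticated)


def valid(value):
    """True if `value' parses as a MaxStartups argument."""
    try:
        MaxStartups.parse(value)
    except ValueError:
        return False
    return True


def schedule(value, loads):
    """Rows of (load, probability) for a given MaxStartups argument."""
    cfg = MaxStartups.parse(value)
    return [(n, round(cfg.drop_probability(n), 3)) for n in loads]


if __name__ == "__main__":
    for n, p in schedule("10:30:60", [0, 9, 10, 20, 35, 59, 60, 100]):
        print(f"{n:4d} unauthenticated -> refuse {p:6.1%}")
```

     Reading the table for "10:30:60" shows what the setting buys: the
     daemon keeps admitting new connections well past the plain default of
     10 (44% refused at 20, 65% at 35) and only closes the door completely at
     60, which is the behaviour to weigh against LoginGraceTime when sizing a
     host for a connection flood.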
     PermitUserEnvironment
             Specifies whether ~/.ssh/environment and environment= options in
             ~/.ssh/authorized_keys are processed by sshd(8).  The default is
             ``no''.  Enabling environment processing may enable users to
             bypass access restrictions in some configurations using
             mechanisms such as LD_PRELOAD.

     PidFile
             Specifies the file that contains the process ID of the SSH
             daemon.  The default is /var/run/sshd.pid.

     Port    Specifies the port number that sshd(8) listens on.  The default
             is 22.  Multiple options of this type are permitted.  See also
             ListenAddress.

     PrintLastLog
             Specifies whether sshd(8) should print the date and time of the
             last user login when a user logs in interactively.  The default
             is ``yes''.

     PrintMotd
             Specifies whether sshd(8) should print /etc/motd when a user logs
             in interactively.  (On some systems it is also printed by the
             shell, /etc/profile, or equivalent.)  The default is ``yes''.

     Protocol
             Specifies the protocol versions sshd(8) supports.  The possible
             values are `1' and `2'.  Multiple versions must be
             comma-separated.  The default is ``2,1''.  Note that the order of
             the protocol list does not indicate preference, because the
             client selects among multiple protocol versions offered by the
             server.  Specifying ``2,1'' is identical to ``1,2''.

     PubkeyAuthentication
             Specifies whether public key authentication is allowed.  The
             default is ``yes''.  Note that this option applies to protocol
             version 2 only.

     RhostsRSAAuthentication
             Specifies whether rhosts or /etc/hosts.equiv authentication
             together with successful RSA host authentication is allowed.  The
             default is ``no''.  This option applies to protocol version 1
             only.

     RSAAuthentication
             Specifies whether pure RSA authentication is allowed.  The
             default is ``yes''.  This option applies to protocol version 1
             only.
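     ForceCommand (above) and the ``forced-commands-only'' mode of
     PermitRootLogin both hand the session to a fixed command and leave the
     client's request in SSH_ORIGINAL_COMMAND.  The following added example,
     not part of this man page or of OpenSSH, is the wrapper such a setup
     needs: it allows a pull-only rsync server and the sftp subsystem for a
     backup account and refuses everything else, execing the target without
     a shell.  The Match block shown in the comment, the account name, the
     binary paths and the allowlist are all assumptions made for the
     example; what a subsystem request places in SSH_ORIGINAL_COMMAND is
     assumed to be the configured Subsystem command.

```python
#!/usr/bin/env python3
# Added example; not code from the sshd_config(5) man page or from OpenSSH.
# A ForceCommand wrapper for a restricted account.  Hypothetical sshd_config
# wiring it assumes:
#
#     Subsystem sftp /usr/libexec/sftp-server
#     Match User backup
#         ForceCommand /usr/local/bin/restrict-backup
#         AllowTcpForwarding no
#         X11Forwarding no
#
# The same script serves as command="/usr/local/bin/restrict-backup" on
# root's authorized key under PermitRootLogin forced-commands-only.
import os
import shlex
import string
import sys

# What the client may ask for: first word -> (binary to exec, mandatory
# leading arguments).  "rsync --server --sender" is what an rsync *pull*
# from this host sends; a push (no --sender) is refused.  For a subsystem
# request the configured Subsystem command is assumed to appear in
# SSH_ORIGINAL_COMMAND, hence the second key.
ALLOWED = {
    "rsync": ("/usr/bin/rsync", ["--server", "--sender"]),
    "/usr/libexec/sftp-server": ("/usr/libexec/sftp-server", []),
}

# Characters permitted in the remaining arguments: enough for rsync option
# bundles (-vlogDtpre.iLsfxC), "." and absolute paths; no whitespace, quotes
# or shell metacharacters.
SAFE_CHARS = frozenset(string.ascii_letters + string.digits + "._-/=")


def _arg_ok(arg):
    """Non-empty, only safe characters, and no ".." path component."""
    return bool(arg) and set(arg) <= SAFE_CHARS and ".." not in arg.split("/")


def decide(original_command):
    """Return the argv to exec for this SSH_ORIGINAL_COMMAND, or None to
    refuse.  An unset or empty value means the client asked for a login
    shell, which this account never gets."""
    if not original_command:
        return None
    try:
        argv = shlex.split(original_command)
    except ValueError:                     # unbalanced quotes
        return None
    if not argv or argv[0] not in ALLOWED:
        return None
    path, required = ALLOWED[argv[0]]
    if argv[1:1 + len(required)] != required:
        return None
    rest = argv[1 + len(required):]
    if not all(_arg_ok(a) for a in rest):
        return None
    return [path, *required, *rest]


def main():
    argv = decide(os.environ.get("SSH_ORIGINAL_COMMAND"))
    if argv is None:
        sys.stderr.write("restrict-backup: command not permitted\n")
        return 1
    os.execv(argv[0], argv)                # no shell: arguments stay literal


if __name__ == "__main__":
    sys.exit(main())
```

     Note that sshd(8) itself starts the ForceCommand through the user's
     login shell with -c, so the wrapper path must not need quoting; from
     then on the wrapper, not a shell, decides what runs.  Pair it with
     AllowTcpForwarding and X11Forwarding set to ``no'' in the same Match
     block, as above, or the session is still a general-purpose tunnel.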
     ServerKeyBits
             Defines the number of bits in the ephemeral protocol version 1
             server key.  The minimum value is 512, and the default is 768.

     StrictModes
             Specifies whether sshd(8) should check file modes and ownership
             of the user's files and home directory before accepting login.
             This is normally desirable because novices sometimes accidentally
             leave their directory or files world-writable.  The default is
             ``yes''.

     Subsystem
             Configures an external subsystem (e.g. file transfer daemon).
             Arguments should be a subsystem name and a command (with optional
             arguments) to execute upon subsystem request.  The command
             sftp-server(8) implements the ``sftp'' file transfer subsystem.
             By default no subsystems are defined.  Note that this option
             applies to protocol version 2 only.

     SyslogFacility
             Gives the facility code that is used when logging messages from
             sshd(8).  The possible values are: DAEMON, USER, AUTH, LOCAL0,
             LOCAL1, LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7.  The
             default is AUTH.

     TCPKeepAlive
             Specifies whether the system should send TCP keepalive messages
             to the other side.  If they are sent, death of the connection or
             crash of one of the machines will be properly noticed.  However,
             this means that connections will die if the route is down
             temporarily, and some people find it annoying.  On the other
             hand, if TCP keepalives are not sent, sessions may hang
             indefinitely on the server, leaving ``ghost'' users and consuming
             server resources.

             The default is ``yes'' (to send TCP keepalive messages), and the
             server will notice if the network goes down or the client host
             crashes.  This avoids infinitely hanging sessions.

             To disable TCP keepalive messages, the value should be set to
             ``no''.
     UseDNS  Specifies whether sshd(8) should look up the remote host name and
             check that the resolved host name for the remote IP address maps
             back to the very same IP address.  The default is ``yes''.

     UseLogin
             Specifies whether login(1) is used for interactive login
             sessions.  The default is ``no''.  Note that login(1) is never
             used for remote command execution.  Note also that if this is
             enabled, X11Forwarding will be disabled because login(1) does not
             know how to handle xauth(1) cookies.  If UsePrivilegeSeparation
             is specified, it will be disabled after authentication.

     UsePAM  Enables the Pluggable Authentication Module interface.  If set to
             ``yes'' this will enable PAM authentication using
             ChallengeResponseAuthentication and PasswordAuthentication in
             addition to PAM account and session module processing for all
             authentication types.

             Because PAM challenge-response authentication usually serves an
             equivalent role to password authentication, you should disable
             either PasswordAuthentication or ChallengeResponseAuthentication.

             If UsePAM is enabled, you will not be able to run sshd(8) as a
             non-root user.  The default is ``no''.

     UsePrivilegeSeparation
             Specifies whether sshd(8) separates privileges by creating an
             unprivileged child process to deal with incoming network traffic.
             After successful authentication, another process will be created
             that has the privilege of the authenticated user.  The goal of
             privilege separation is to prevent privilege escalation by
             containing any corruption within the unprivileged processes.  The
             default is ``yes''.

     X11DisplayOffset
             Specifies the first display number available for sshd(8)'s X11
             forwarding.  This prevents sshd from interfering with real X11
             servers.  The default is 10.

     X11Forwarding
             Specifies whether X11 forwarding is permitted.
             The argument must be ``yes'' or ``no''.  The default is ``no''.

             When X11 forwarding is enabled, there may be additional exposure
             to the server and to client displays if the sshd(8) proxy display
             is configured to listen on the wildcard address (see
             X11UseLocalhost below), though this is not the default.
             Additionally, the authentication spoofing and authentication data
             verification and substitution occur on the client side.  The
             security risk of using X11 forwarding is that the client's X11
             display server may be exposed to attack when the SSH client
             requests forwarding (see the warnings for ForwardX11 in
             ssh_config(5)).  A system administrator may have a stance in
             which they want to protect clients that may expose themselves to
             attack by unwittingly requesting X11 forwarding, which can
             warrant a ``no'' setting.

             Note that disabling X11 forwarding does not prevent users from
             forwarding X11 traffic, as users can always install their own
             forwarders.  X11 forwarding is automatically disabled if UseLogin
             is enabled.

     X11UseLocalhost
             Specifies whether sshd(8) should bind the X11 forwarding server
             to the loopback address or to the wildcard address.  By default,
             sshd binds the forwarding server to the loopback address and sets
             the hostname part of the DISPLAY environment variable to
             ``localhost''.  This prevents remote hosts from connecting to the
             proxy display.  However, some older X11 clients may not function
             with this configuration.  X11UseLocalhost may be set to ``no'' to
             specify that the forwarding server should be bound to the
             wildcard address.  The argument must be ``yes'' or ``no''.  The
             default is ``yes''.

     XAuthLocation
             Specifies the full pathname of the xauth(1) program.  The default
             is /usr/X11R6/bin/xauth.
TIME FORMATS
     sshd(8) command-line arguments and configuration file options that
     specify time may be expressed using a sequence of the form:
     time[qualifier], where time is a positive integer value and qualifier is
     one of the following:

           <none>  seconds
           s | S   seconds
           m | M   minutes
           h | H   hours
           d | D   days
           w | W   weeks

     Each member of the sequence is added together to calculate the total time
     value.

     Time format examples:

           600     600 seconds (10 minutes)
           10m     10 minutes
           1h30m   1 hour 30 minutes (90 minutes)

FILES
     /etc/ssh/sshd_config
             Contains configuration data for sshd(8).  This file should be
             writable by root only, but it is recommended (though not
             necessary) that it be world-readable.

SEE ALSO
     sshd(8)

AUTHORS
     OpenSSH is a derivative of the original and free ssh 1.2.12 release by
     Tatu Ylonen.  Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo
     de Raadt and Dug Song removed many bugs, re-added newer features and
     created OpenSSH.  Markus Friedl contributed the support for SSH protocol
     versions 1.5 and 2.0.  Niels Provos and Markus Friedl contributed support
     for privilege separation.

OpenBSD 4.1                    September 25, 1999
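     The following is an added example for the TIME FORMATS section above;
     it is not code from this man page or from OpenSSH.  It parses the
     time[qualifier] sequences into seconds and then scans a constructed
     sshd_config body to report what its time-valued keywords (LoginGraceTime,
     ClientAliveInterval, KeyRegenerationInterval, the ones on this page)
     resolve to, which is the check to run before a value such as ``2m'' or
     ``1h30'' goes into production.  The rule that a bare number is seconds
     and may only appear as the last member, and the acceptance of 0, are
     this example's reading of the section; the sample configuration is
     invented.

```python
# Added example; not code from the sshd_config(5) man page or from OpenSSH.
# Parses TIME FORMATS sequences (``600'', ``10m'', ``1h30m'') into seconds
# and reports the time-valued keywords found in an sshd_config body.
# Assumptions: qualifiers are case-insensitive; a bare number is seconds
# and can only be the last member; 0 is accepted (the page uses it to mean
# "no limit" for LoginGraceTime and ClientAliveInterval).
import re

_UNITS = {"": 1, "s": 1, "m": 60, "h": 3600, "d": 86400, "w": 604800}
_MEMBER = re.compile(r"(\d+)([smhdwSMHDW]?)")


def parse_time(text):
    """Return the total seconds for a time[qualifier] sequence.
    Raises ValueError for anything that is not a valid sequence."""
    if not text:
        raise ValueError("empty time value")
    total, pos = 0, 0
    while pos < len(text):
        m = _MEMBER.match(text, pos)
        if m is None:                      # e.g. "10x" or "1h 30m"
            raise ValueError(f"bad time value {text!r} at offset {pos}")
        total += int(m.group(1)) * _UNITS[m.group(2).lower()]
        pos = m.end()
    return total


def is_valid_time(text):
    """True if parse_time() accepts `text'."""
    try:
        parse_time(text)
    except ValueError:
        return False
    return True


# Keywords on this page whose argument is a time, compared
# case-insensitively because DESCRIPTION says keywords are.
TIME_KEYWORDS = {"logingracetime", "clientaliveinterval",
                 "keyregenerationinterval"}


def time_settings(config_text):
    """Return {keyword as written: seconds} for every time-valued keyword in
    an sshd_config body.  Comment and blank lines are skipped and a
    double-quoted argument has its quotes removed, as sshd(8) would."""
    found = {}
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        if len(parts) == 2 and parts[0].lower() in TIME_KEYWORDS:
            found[parts[0]] = parse_time(parts[1].strip().strip('"'))
    return found


# Constructed sample configuration; not taken from any real host.
SAMPLE_CONFIG = """\
# bastion host
Port 22
LoginGraceTime 2m
ClientAliveInterval 15
ClientAliveCountMax 3
KeyRegenerationInterval "1h"
"""

if __name__ == "__main__":
    for key, secs in time_settings(SAMPLE_CONFIG).items():
        print(f"{key:<24} {secs:>7d} s")
```

     With the sample above, ClientAliveInterval 15 and the default
     ClientAliveCountMax of 3 give the 45 second disconnect the
     ClientAliveCountMax entry describes; the scan makes that arithmetic
     visible for whatever values a real file carries.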