Annotation of src/usr.bin/ssh/sshd_config, Revision 1.2
1.1 deraadt 1: # This is ssh server systemwide configuration file.
2:
3: Port 22
4: ListenAddress 0.0.0.0
1.2 ! deraadt 5: HostKey /etc/ssh_host_key
! 6: RandomSeed /etc/ssh_random_seed
1.1 deraadt 7: ServerKeyBits 768
8: LoginGraceTime 600
9: KeyRegenerationInterval 3600
10: PermitRootLogin yes
11: #
12: # Don't read ~/.rhosts and ~/.shosts files
13: IgnoreRhosts yes
14: StrictModes yes
15: QuietMode no
16: X11Forwarding yes
17: FascistLogging no
18: PrintMotd yes
19: KeepAlive yes
20: SyslogFacility DAEMON
21: RhostsAuthentication no
22: #
1.2 ! deraadt 23: # For this to work you will also need host keys in /etc/ssh_known_hosts
1.1 deraadt 24: RhostsRSAAuthentication yes
25: #
26: # Changed RSAAuthentication to no/bg
27: RSAAuthentication no
28: #
29: # To enable tunneled clear text passwords, change to yes here!
30: PasswordAuthentication no
31: PermitEmptyPasswords no
32: #KerberosOrLocalPasswd yes
33:
34: # Kerberos TGT Passing does only work with the AFS kaserver
35: #KerberosTgtPassing yes
36:
37: # AllowHosts *.our.com friend.other.com
38: # DenyHosts lowsecurity.theirs.com *.evil.org evil.org