Annotation of src/usr.bin/ssh/sshd_config, Revision 1.3
1.1 deraadt 1: # This is ssh server systemwide configuration file.
2:
3: Port 22
4: ListenAddress 0.0.0.0
1.2 deraadt 5: HostKey /etc/ssh_host_key
6: RandomSeed /etc/ssh_random_seed
1.1 deraadt 7: ServerKeyBits 768
8: LoginGraceTime 600
9: KeyRegenerationInterval 3600
10: PermitRootLogin yes
11: #
12: # Don't read ~/.rhosts and ~/.shosts files
13: IgnoreRhosts yes
14: StrictModes yes
15: QuietMode no
1.3 ! deraadt 16: X11Forwarding no
! 17: X11DisplayOffset 10
1.1 deraadt 18: FascistLogging no
19: PrintMotd yes
20: KeepAlive yes
21: SyslogFacility DAEMON
22: RhostsAuthentication no
23: #
1.2 deraadt 24: # For this to work you will also need host keys in /etc/ssh_known_hosts
1.1 deraadt 25: RhostsRSAAuthentication yes
26: #
27: # Changed RSAAuthentication to no/bg
28: RSAAuthentication no
29: #
30: # To enable tunneled clear text passwords, change to yes here!
31: PasswordAuthentication no
32: PermitEmptyPasswords no
33: #KerberosOrLocalPasswd yes
34:
35: # Kerberos TGT Passing does only work with the AFS kaserver
36: #KerberosTgtPassing yes
37:
38: # AllowHosts *.our.com friend.other.com
39: # DenyHosts lowsecurity.theirs.com *.evil.org evil.org