Annotation of src/usr.bin/ssh/sshd_config, Revision 1.9
1.1 deraadt 1: # This is ssh server systemwide configuration file.
2:
3: Port 22
4: ListenAddress 0.0.0.0
1.2 deraadt 5: HostKey /etc/ssh_host_key
1.1 deraadt 6: ServerKeyBits 768
7: LoginGraceTime 600
8: KeyRegenerationInterval 3600
9: PermitRootLogin yes
10: #
11: # Don't read ~/.rhosts and ~/.shosts files
12: IgnoreRhosts yes
13: StrictModes yes
14: QuietMode no
1.3 deraadt 15: X11Forwarding no
16: X11DisplayOffset 10
1.1 deraadt 17: FascistLogging no
18: PrintMotd yes
19: KeepAlive yes
1.4 deraadt 20: SyslogFacility AUTH
1.1 deraadt 21: RhostsAuthentication no
22: #
1.2 deraadt 23: # For this to work you will also need host keys in /etc/ssh_known_hosts
1.8 deraadt 24: RhostsRSAAuthentication no
1.1 deraadt 25: #
26: # Changed RSAAuthentication to no/bg
1.8 deraadt 27: RSAAuthentication yes
1.6 deraadt 28:
29: # To disable tunneled clear text passwords, change to no here!
1.5 deraadt 30: PasswordAuthentication yes
1.1 deraadt 31: PermitEmptyPasswords no
1.9 ! markus 32: # Uncomment to disable s/key passwords
! 33: #SkeyAuthentication no
1.6 deraadt 34:
35: # To change Kerberos options
36: #KerberosAuthentication no
1.1 deraadt 37: #KerberosOrLocalPasswd yes
1.6 deraadt 38: #AFSTokenPassing no
39: #KerberosTicketCleanup no
1.1 deraadt 40:
41: # Kerberos TGT Passing does only work with the AFS kaserver
42: #KerberosTgtPassing yes
43:
1.6 deraadt 44: # XXX implement these
45: #UseLogin no
46: #CheckMail no
47:
1.1 deraadt 48: # AllowHosts *.our.com friend.other.com
49: # DenyHosts lowsecurity.theirs.com *.evil.org evil.org
1.4 deraadt 50:
![[BACK]](/icons/back.gif){kind=icon}
Return to sshd_config CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh