# This is ssh server systemwide configuration file. Port 22 ListenAddress 0.0.0.0 HostKey /etc/ssh_host_key RandomSeed /etc/ssh_random_seed ServerKeyBits 768 LoginGraceTime 600 KeyRegenerationInterval 3600 PermitRootLogin yes # # Don't read ~/.rhosts and ~/.shosts files IgnoreRhosts yes StrictModes yes QuietMode no X11Forwarding no X11DisplayOffset 10 FascistLogging no PrintMotd yes KeepAlive yes SyslogFacility AUTH RhostsAuthentication no # # For this to work you will also need host keys in /etc/ssh_known_hosts RhostsRSAAuthentication yes # # Changed RSAAuthentication to no/bg RSAAuthentication no # To disable tunneled clear text passwords, change to no here! PasswordAuthentication yes PermitEmptyPasswords no # To change Kerberos options #KerberosAuthentication no #KerberosOrLocalPasswd yes #AFSTokenPassing no #KerberosTicketCleanup no # Kerberos TGT Passing does only work with the AFS kaserver #KerberosTgtPassing yes # XXX implement these #UseLogin no #CheckMail no # AllowHosts *.our.com friend.other.com # DenyHosts lowsecurity.theirs.com *.evil.org evil.org