src/crypto/dist/ssh/sshd_config - diff

Return to sshd_config CVS log

Up to [cvs.NetBSD.org] / src / crypto / dist / ssh

Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.

Diff for /src/crypto/dist/ssh/Attic/sshd_config between version 1.1.1.3 and 1.1.1.11

-version 1.1.1.3, 2001/04/10 07:14:22
+version 1.1.1.11, 2002/10/01 13:40:02
 Line 1
 Line 1
 Line 1
- #       $OpenBSD: sshd_config,v 1.35 2001/03/25 13:16:11 stevesk Exp $
+ #       $NetBSD$
+ #       $OpenBSD: sshd_config,v 1.59 2002/09/25 11:17:16 markus Exp $
- # This is the sshd server system-wide configuration file.  See sshd(8)
+ # This is the sshd server system-wide configuration file.  See
- # for more information.
+ # sshd_config(5) for more information.
- Port 22
+ # The strategy used for options in the default sshd_config shipped with
+ # OpenSSH is to specify options with their default value where
+ # possible, but leave them commented.  Uncommented options change a
+ # default value.
+ #Port 22
  #Protocol 2,1
  #ListenAddress 0.0.0.0
  #ListenAddress ::
- HostKey /etc/ssh_host_key
- HostKey /etc/ssh_host_rsa_key
+ # HostKey for protocol version 1
- HostKey /etc/ssh_host_dsa_key
+ #HostKey /etc/ssh/ssh_host_key
- ServerKeyBits 768
+ # HostKeys for protocol version 2
- LoginGraceTime 600
+ #HostKey /etc/ssh/ssh_host_rsa_key
- KeyRegenerationInterval 3600
+ #HostKey /etc/ssh/ssh_host_dsa_key
- PermitRootLogin yes
- #
+ # Lifetime and size of ephemeral version 1 server key
- # Don't read ~/.rhosts and ~/.shosts files
+ #KeyRegenerationInterval 3600
- IgnoreRhosts yes
+ #ServerKeyBits 768
- # Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
- #IgnoreUserKnownHosts yes
- StrictModes yes
- X11Forwarding no
- X11DisplayOffset 10
- PrintMotd yes
- #PrintLastLog no
- KeepAlive yes
  # Logging
- SyslogFacility AUTH
- LogLevel INFO
  #obsoletes QuietMode and FascistLogging
+ #SyslogFacility AUTH
+ #LogLevel INFO
+ # Authentication:
- RhostsAuthentication no
+ #LoginGraceTime 120
- #
+ #PermitRootLogin yes
- # For this to work you will also need host keys in /etc/ssh_known_hosts
+ #StrictModes yes
- RhostsRSAAuthentication no
- #
+ #RSAAuthentication yes
- RSAAuthentication yes
+ #PubkeyAuthentication yes
+ #AuthorizedKeysFile     .ssh/authorized_keys
+ # rhosts authentication should not be used
+ #RhostsAuthentication no
+ # Don't read the user's ~/.rhosts and ~/.shosts files
+ #IgnoreRhosts yes
+ # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
+ #RhostsRSAAuthentication no
+ # similar for protocol version 2
+ #HostbasedAuthentication no
+ # Change to yes if you don't trust ~/.ssh/known_hosts for
+ # RhostsRSAAuthentication and HostbasedAuthentication
+ #IgnoreUserKnownHosts no
  # To disable tunneled clear text passwords, change to no here!
- PasswordAuthentication yes
+ #PasswordAuthentication yes
- PermitEmptyPasswords no
+ #PermitEmptyPasswords no
- # Uncomment to disable s/key passwords
+ # Change to no to disable s/key passwords
- #ChallengeResponseAuthentication no
+ #ChallengeResponseAuthentication yes
- # To change Kerberos options
+ # Kerberos options
  #KerberosAuthentication no
  #KerberosOrLocalPasswd yes
+ #KerberosTicketCleanup yes
  #AFSTokenPassing no
- #KerberosTicketCleanup no
- # Kerberos TGT Passing does only work with the AFS kaserver
+ # Kerberos TGT Passing only works with the AFS kaserver
- #KerberosTgtPassing yes
+ #KerberosTgtPassing no
- #CheckMail yes
+ #X11Forwarding no
+ #X11DisplayOffset 10
+ #X11UseLocalhost yes
+ #PrintMotd yes
+ #PrintLastLog yes
+ #KeepAlive yes
  #UseLogin no
+ #UsePrivilegeSeparation yes
+ #PermitUserEnvironment no
+ #Compression yes
+ #MaxStartups 10
+ # no default banner path
+ #Banner /some/path
+ #VerifyReverseMapping no
- #MaxStartups 10:30:60
+ # override default of no subsystems
- #Banner /etc/issue.net
- #ReverseMappingCheck yes
  Subsystem       sftp    /usr/libexec/sftp-server

CVSweb <webmaster@jp.NetBSD.org>