Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. =================================================================== RCS file: /ftp/cvs/cvsroot/src/crypto/dist/ssh/Attic/sshd_config,v retrieving revision 1.1.1.14 retrieving revision 1.31 diff -u -p -r1.1.1.14 -r1.31 --- src/crypto/dist/ssh/Attic/sshd_config 2006/02/04 22:23:24 1.1.1.14 +++ src/crypto/dist/ssh/Attic/sshd_config 2008/06/22 15:42:51 1.31 @@ -1,5 +1,5 @@ -# $NetBSD: sshd_config,v 1.1.1.14 2006/02/04 22:23:24 christos Exp $ -# $OpenBSD: sshd_config,v 1.73 2005/12/06 22:38:28 reyk Exp $ +# $NetBSD: sshd_config,v 1.31 2008/06/22 15:42:51 christos Exp $ +# $OpenBSD: sshd_config,v 1.77 2008/02/08 23:24:07 djm Exp $ # This is the sshd server system-wide configuration file. See # sshd_config(5) for more information. @@ -10,11 +10,15 @@ # default value. #Port 22 -#Protocol 2,1 #AddressFamily any #ListenAddress 0.0.0.0 #ListenAddress :: +# Disable legacy (protocol version 1) support in the server for new +# installations. In future the default will change to require explicit +# activation of protocol 1 +Protocol 2 + # HostKey for protocol version 1 #HostKey /etc/ssh/ssh_host_key # HostKeys for protocol version 2 @@ -32,8 +36,9 @@ # Authentication: -#LoginGraceTime 2m -#PermitRootLogin yes +# Slow machines or long keys may require more processing time. +LoginGraceTime 600 +#PermitRootLogin no #StrictModes yes #MaxAuthTries 6 @@ -71,6 +76,8 @@ #AllowTcpForwarding yes #GatewayPorts no #X11Forwarding no +# If you use xorg from pkgsrc then uncomment the following line. +#XAuthLocation /usr/pkg/bin/xauth #X11DisplayOffset 10 #X11UseLocalhost yes #PrintMotd yes @@ -78,6 +85,7 @@ #TCPKeepAlive yes #UseLogin no #UsePrivilegeSeparation yes +UsePam yes #PermitUserEnvironment no #Compression delayed #ClientAliveInterval 0 @@ -86,9 +94,30 @@ #PidFile /var/run/sshd.pid #MaxStartups 10 #PermitTunnel no +#ChrootDirectory none # no default banner path -#Banner /some/path +#Banner none # override default of no subsystems Subsystem sftp /usr/libexec/sftp-server + +# the following are HPN related configuration options +# tcp receive buffer polling. disable in non autotuning kernels +#TcpRcvBufPoll yes + +# allow the use of the none cipher +#NoneEnabled no + +# disable hpn performance boosts. +#HPNDisabled no + +# buffer size for hpn to non-hpn connections +#HPNBufferSize 2048 + + +# Example of overriding settings on a per-user basis +#Match User anoncvs +# X11Forwarding no +# AllowTcpForwarding no +# ForceCommand cvs server