Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. =================================================================== RCS file: /ftp/cvs/cvsroot/src/crypto/dist/ssh/Attic/sshd_config,v retrieving revision 1.1.1.4 retrieving revision 1.1.1.5 diff -u -p -r1.1.1.4 -r1.1.1.5 --- src/crypto/dist/ssh/Attic/sshd_config 2001/05/15 15:02:40 1.1.1.4 +++ src/crypto/dist/ssh/Attic/sshd_config 2001/06/23 16:36:56 1.1.1.5 @@ -1,5 +1,5 @@ -# $NetBSD: sshd_config,v 1.1.1.4 2001/05/15 15:02:40 itojun Exp $ -# $OpenBSD: sshd_config,v 1.38 2001/04/15 21:41:29 deraadt Exp $ +# $NetBSD: sshd_config,v 1.1.1.5 2001/06/23 16:36:56 itojun Exp $ +# $OpenBSD: sshd_config,v 1.41 2001/06/22 21:55:50 markus Exp $ # This is the sshd server system-wide configuration file. See sshd(8) # for more information. @@ -8,38 +8,42 @@ Port 22 #Protocol 2,1 #ListenAddress 0.0.0.0 #ListenAddress :: + +# HostKey for protocol version 1 HostKey /etc/ssh_host_key +# HostKeys for protocol version 2 HostKey /etc/ssh_host_rsa_key HostKey /etc/ssh_host_dsa_key -ServerKeyBits 768 -LoginGraceTime 600 + +# Lifetime and size of ephemeral version 1 server key KeyRegenerationInterval 3600 -PermitRootLogin yes -# -# Don't read ~/.rhosts and ~/.shosts files -IgnoreRhosts yes -# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication -#IgnoreUserKnownHosts yes -StrictModes yes -X11Forwarding no -X11DisplayOffset 10 -PrintMotd yes -#PrintLastLog no -KeepAlive yes +ServerKeyBits 768 # Logging SyslogFacility AUTH LogLevel INFO #obsoletes QuietMode and FascistLogging +# Authentication: + +LoginGraceTime 600 +PermitRootLogin yes +StrictModes yes + +RSAAuthentication yes +PubkeyAuthentication yes +#AuthorizedKeysFile %h/.ssh/authorized_keys + +# rhosts authentication should not be used RhostsAuthentication no -# +# Don't read the user's ~/.rhosts and ~/.shosts files +IgnoreRhosts yes # For this to work you will also need host keys in /etc/ssh_known_hosts RhostsRSAAuthentication no # similar for protocol version 2 HostbasedAuthentication no -# -RSAAuthentication yes +# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication +#IgnoreUserKnownHosts yes # To disable tunneled clear text passwords, change to no here! PasswordAuthentication yes @@ -57,6 +61,11 @@ PermitEmptyPasswords no # Kerberos TGT Passing does only work with the AFS kaserver #KerberosTgtPassing yes +X11Forwarding no +X11DisplayOffset 10 +PrintMotd yes +#PrintLastLog no +KeepAlive yes #CheckMail yes #UseLogin no