Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. =================================================================== RCS file: /ftp/cvs/cvsroot/src/crypto/dist/ssh/Attic/sshd_config,v retrieving revision 1.2.2.3 retrieving revision 1.3 diff -u -p -r1.2.2.3 -r1.3 --- src/crypto/dist/ssh/Attic/sshd_config 2001/12/10 23:54:43 1.2.2.3 +++ src/crypto/dist/ssh/Attic/sshd_config 2001/03/19 20:03:31 1.3 @@ -1,5 +1,5 @@ -# $NetBSD: sshd_config,v 1.2.2.3 2001/12/10 23:54:43 he Exp $ -# $OpenBSD: sshd_config,v 1.42 2001/09/20 20:57:51 mouring Exp $ +# $NetBSD: sshd_config,v 1.3 2001/03/19 20:03:31 itojun Exp $ +# $OpenBSD: sshd_config,v 1.34 2001/02/24 10:37:26 deraadt Exp $ # This is the sshd server system-wide configuration file. See sshd(8) # for more information. @@ -8,43 +8,36 @@ Port 22 #Protocol 2,1 #ListenAddress 0.0.0.0 #ListenAddress :: - -# HostKey for protocol version 1 HostKey /etc/ssh_host_key -# HostKeys for protocol version 2 HostKey /etc/ssh_host_rsa_key HostKey /etc/ssh_host_dsa_key - -# Lifetime and size of ephemeral version 1 server key -KeyRegenerationInterval 3600 ServerKeyBits 768 +LoginGraceTime 600 +KeyRegenerationInterval 3600 +PermitRootLogin yes +# +# Don't read ~/.rhosts and ~/.shosts files +IgnoreRhosts yes +IgnoreRootRhosts yes +# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication +#IgnoreUserKnownHosts yes +StrictModes yes +X11Forwarding no +X11DisplayOffset 10 +PrintMotd yes +KeepAlive yes # Logging SyslogFacility AUTH LogLevel INFO #obsoletes QuietMode and FascistLogging -# Authentication: - -LoginGraceTime 600 -PermitRootLogin no -StrictModes yes - -RSAAuthentication yes -PubkeyAuthentication yes -#AuthorizedKeysFile %h/.ssh/authorized_keys - -# rhosts authentication should not be used RhostsAuthentication no -# Don't read the user's ~/.rhosts and ~/.shosts files -IgnoreRhosts yes -IgnoreRootRhosts yes +# # For this to work you will also need host keys in /etc/ssh_known_hosts RhostsRSAAuthentication no -# similar for protocol version 2 -HostbasedAuthentication no -# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication -#IgnoreUserKnownHosts yes +# +RSAAuthentication yes # To disable tunneled clear text passwords, change to no here! PasswordAuthentication yes @@ -62,11 +55,7 @@ PermitEmptyPasswords no # Kerberos TGT Passing does only work with the AFS kaserver #KerberosTgtPassing yes -X11Forwarding no -X11DisplayOffset 10 -PrintMotd yes -#PrintLastLog no -KeepAlive yes +#CheckMail yes #UseLogin no #MaxStartups 10:30:60