src/crypto/dist/ssh/sshd_config - annotate

Return to sshd_config CVS log
Up to [cvs.NetBSD.org] / src / crypto / dist / ssh
Annotation of src/crypto/dist/ssh/sshd_config, Revision 1.8

1.8     ! cjs         1: #      $NetBSD: sshd_config,v 1.7 2001/06/23 19:37:42 itojun Exp $
1.7       itojun      2: #      $OpenBSD: sshd_config,v 1.41 2001/06/22 21:55:50 markus Exp $
1.1       itojun      3:
                      4: # This is the sshd server system-wide configuration file.  See sshd(8)
                      5: # for more information.
                      6:
                      7: Port 22
                      8: #Protocol 2,1
                      9: #ListenAddress 0.0.0.0
                     10: #ListenAddress ::
1.7       itojun     11:
                     12: # HostKey for protocol version 1
1.1       itojun     13: HostKey /etc/ssh_host_key
1.7       itojun     14: # HostKeys for protocol version 2
1.3       itojun     15: HostKey /etc/ssh_host_rsa_key
1.1       itojun     16: HostKey /etc/ssh_host_dsa_key
1.7       itojun     17:
                     18: # Lifetime and size of ephemeral version 1 server key
                     19: KeyRegenerationInterval 3600
1.1       itojun     20: ServerKeyBits 768
                     21:
                     22: # Logging
                     23: SyslogFacility AUTH
                     24: LogLevel INFO
                     25: #obsoletes QuietMode and FascistLogging
                     26:
1.7       itojun     27: # Authentication:
                     28:
                     29: LoginGraceTime 600
1.8     ! cjs        30: PermitRootLogin no
1.7       itojun     31: StrictModes yes
                     32:
                     33: RSAAuthentication yes
                     34: PubkeyAuthentication yes
                     35: #AuthorizedKeysFile    %h/.ssh/authorized_keys
                     36:
                     37: # rhosts authentication should not be used
1.1       itojun     38: RhostsAuthentication no
1.7       itojun     39: # Don't read the user's ~/.rhosts and ~/.shosts files
                     40: IgnoreRhosts yes
                     41: IgnoreRootRhosts yes
1.1       itojun     42: # For this to work you will also need host keys in /etc/ssh_known_hosts
                     43: RhostsRSAAuthentication no
1.5       itojun     44: # similar for protocol version 2
                     45: HostbasedAuthentication no
1.7       itojun     46: # Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
                     47: #IgnoreUserKnownHosts yes
1.1       itojun     48:
                     49: # To disable tunneled clear text passwords, change to no here!
                     50: PasswordAuthentication yes
                     51: PermitEmptyPasswords no
                     52:
                     53: # Uncomment to disable s/key passwords
                     54: #ChallengeResponseAuthentication no
                     55:
                     56: # To change Kerberos options
                     57: #KerberosAuthentication no
                     58: #KerberosOrLocalPasswd yes
                     59: #AFSTokenPassing no
                     60: #KerberosTicketCleanup no
                     61:
                     62: # Kerberos TGT Passing does only work with the AFS kaserver
                     63: #KerberosTgtPassing yes
                     64:
1.7       itojun     65: X11Forwarding no
                     66: X11DisplayOffset 10
                     67: PrintMotd yes
                     68: #PrintLastLog no
                     69: KeepAlive yes
1.1       itojun     70: #CheckMail yes
                     71: #UseLogin no
                     72:
                     73: #MaxStartups 10:30:60
                     74: #Banner /etc/issue.net
                     75: #ReverseMappingCheck yes
                     76:
                     77: Subsystem      sftp    /usr/libexec/sftp-server
CVSweb <webmaster@jp.NetBSD.org>