Context Navigation

← Previous Revision
Latest Revision
Next Revision →
Normal
Revision Log

sshd_config@ 403

Last change on this file since 403 was 399, checked in by Rick van der Zwet, 10 years ago
Innitial import of configuration files of zweat
File size: 4.0 KB

Rev	Line
[399]	1	# $OpenBSD: sshd_config,v 1.93 2014/01/10 05:59:19 djm Exp $
	2	# $FreeBSD: releng/9.3/crypto/openssh/sshd_config 264693 2014-04-20 13:12:32Z des $
	3
	4	# This is the sshd server system-wide configuration file. See
	5	# sshd_config(5) for more information.
	6
	7	# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
	8
	9	# The strategy used for options in the default sshd_config shipped with
	10	# OpenSSH is to specify options with their default value where
	11	# possible, but leave them commented. Uncommented options override the
	12	# default value.
	13
	14	# Note that some of FreeBSD's defaults differ from OpenBSD's, and
	15	# FreeBSD has a few additional options.
	16
	17	Port 1022
	18	#AddressFamily any
	19	#ListenAddress 0.0.0.0
	20	#ListenAddress ::
	21	#ListenAddress 144.76.7.34
	22	ListenAddress 2a01:4f8:190:8221::2
	23
	24	# The default requires explicit activation of protocol 1
	25	#Protocol 2
	26
	27	# HostKey for protocol version 1
	28	#HostKey /etc/ssh/ssh_host_key
	29	# HostKeys for protocol version 2
	30	#HostKey /etc/ssh/ssh_host_rsa_key
	31	#HostKey /etc/ssh/ssh_host_dsa_key
	32	#HostKey /etc/ssh/ssh_host_ecdsa_key
	33	#HostKey /etc/ssh/ssh_host_ed25519_key
	34
	35	# Lifetime and size of ephemeral version 1 server key
	36	#KeyRegenerationInterval 1h
	37	#ServerKeyBits 1024
	38
	39	# Ciphers and keying
	40	#RekeyLimit default none
	41
	42	# Logging
	43	# obsoletes QuietMode and FascistLogging
	44	#SyslogFacility AUTH
	45	#LogLevel INFO
	46
	47	# Authentication:
	48
	49	#LoginGraceTime 2m
	50	#PermitRootLogin no
	51	#StrictModes yes
	52	#MaxAuthTries 6
	53	#MaxSessions 10
	54
	55	#RSAAuthentication yes
	56	#PubkeyAuthentication yes
	57
	58	# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
	59	#AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys2
	60
	61	#AuthorizedPrincipalsFile none
	62
	63	#AuthorizedKeysCommand none
	64	#AuthorizedKeysCommandUser nobody
	65
	66	# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
	67	#RhostsRSAAuthentication no
	68	# similar for protocol version 2
	69	#HostbasedAuthentication no
	70	# Change to yes if you don't trust ~/.ssh/known_hosts for
	71	# RhostsRSAAuthentication and HostbasedAuthentication
	72	#IgnoreUserKnownHosts no
	73	# Don't read the user's ~/.rhosts and ~/.shosts files
	74	#IgnoreRhosts yes
	75
	76	# Change to yes to enable built-in password authentication.
	77	#PasswordAuthentication no
	78	#PermitEmptyPasswords no
	79
	80	# Change to no to disable PAM authentication
	81	#ChallengeResponseAuthentication yes
	82
	83	# Kerberos options
	84	#KerberosAuthentication no
	85	#KerberosOrLocalPasswd yes
	86	#KerberosTicketCleanup yes
	87	#KerberosGetAFSToken no
	88
	89	# GSSAPI options
	90	#GSSAPIAuthentication no
	91	#GSSAPICleanupCredentials yes
	92
	93	# Set this to 'no' to disable PAM authentication, account processing,
	94	# and session processing. If this is enabled, PAM authentication will
	95	# be allowed through the ChallengeResponseAuthentication and
	96	# PasswordAuthentication. Depending on your PAM configuration,
	97	# PAM authentication via ChallengeResponseAuthentication may bypass
	98	# the setting of "PermitRootLogin without-password".
	99	# If you just want the PAM account and session checks to run without
	100	# PAM authentication, then enable this but set PasswordAuthentication
	101	# and ChallengeResponseAuthentication to 'no'.
	102	#UsePAM yes
	103
	104	#AllowAgentForwarding yes
	105	#AllowTcpForwarding yes
	106	#GatewayPorts no
	107	#X11Forwarding yes
	108	#X11DisplayOffset 10
	109	#X11UseLocalhost yes
	110	#PermitTTY yes
	111	#PrintMotd yes
	112	#PrintLastLog yes
	113	#TCPKeepAlive yes
	114	#UseLogin no
	115	#UsePrivilegeSeparation yes
	116	#PermitUserEnvironment no
	117	#Compression delayed
	118	#ClientAliveInterval 0
	119	#ClientAliveCountMax 3
	120	#UseDNS yes
	121	#PidFile /var/run/sshd.pid
	122	#MaxStartups 10:30:100
	123	#PermitTunnel no
	124	#ChrootDirectory none
	125	#VersionAddendum FreeBSD-20140420
	126
	127	# no default banner path
	128	#Banner none
	129
	130	# override default of no subsystems
	131	Subsystem sftp /usr/libexec/sftp-server
	132
	133	# Disable HPN tuning improvements.
	134	#HPNDisabled no
	135
	136	# Buffer size for HPN to non-HPN connections.
	137	#HPNBufferSize 2048
	138
	139	# TCP receive socket buffer polling for HPN. Disable on non autotuning kernels.
	140	#TcpRcvBufPoll yes
	141
	142	# Allow the use of the NONE cipher.
	143	#NoneEnabled no
	144
	145	# Example of overriding settings on a per-user basis
	146	#Match User anoncvs
	147	# X11Forwarding no
	148	# AllowTcpForwarding no
	149	# PermitTTY no
	150	# ForceCommand cvs server
	151	PermitRootLogin yes

Note: See TracBrowser for help on using the repository browser.

Download in other formats:

Original Format