1# $OpenBSD: sshd_config,v 1.43 2001/12/19 07:18:56 deraadt Exp $ 2 3# This is the sshd server system-wide configuration file. See sshd(8) 4# for more information. 5 6Port 22 7#Protocol 2,1 8#ListenAddress 0.0.0.0 9#ListenAddress :: 10 11# HostKey for protocol version 1 12HostKey /etc/ssh_host_key 13# HostKeys for protocol version 2 14HostKey /etc/ssh_host_rsa_key 15HostKey /etc/ssh_host_dsa_key 16 17# Lifetime and size of ephemeral version 1 server key 18KeyRegenerationInterval 3600 19ServerKeyBits 768 20 21# Logging 22SyslogFacility AUTH 23LogLevel INFO 24#obsoletes QuietMode and FascistLogging 25 26# Authentication: 27 28LoginGraceTime 600 29PermitRootLogin yes 30StrictModes yes 31 32RSAAuthentication yes 33PubkeyAuthentication yes 34#AuthorizedKeysFile %h/.ssh/authorized_keys 35 36# rhosts authentication should not be used 37RhostsAuthentication no 38# Don't read the user's ~/.rhosts and ~/.shosts files 39IgnoreRhosts yes 40# For this to work you will also need host keys in /etc/ssh_known_hosts 41RhostsRSAAuthentication no 42# similar for protocol version 2 43HostbasedAuthentication no 44# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication 45#IgnoreUserKnownHosts yes 46 47# To disable tunneled clear text passwords, change to no here! 48PasswordAuthentication yes 49PermitEmptyPasswords no 50 51# Uncomment to disable s/key passwords 52#ChallengeResponseAuthentication no 53 54# To change Kerberos options 55#KerberosAuthentication no 56#KerberosOrLocalPasswd yes 57#AFSTokenPassing no 58#KerberosTicketCleanup no 59 60# Kerberos TGT Passing does only work with the AFS kaserver 61#KerberosTgtPassing yes 62 63X11Forwarding no 64X11DisplayOffset 10 65PrintMotd yes 66#PrintLastLog no 67KeepAlive yes 68#UseLogin no 69 70#MaxStartups 10:30:60 71#Banner /etc/issue.net 72#ReverseMappingCheck yes 73 74Subsystem sftp /usr/libexec/sftp-server 75