1.\" -*- nroff -*- 2.\" 3.\" Author: Tatu Ylonen <ylo@cs.hut.fi> 4.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 5.\" All rights reserved 6.\" 7.\" As far as I am concerned, the code I have written for this software 8.\" can be used freely for any purpose. Any derived versions of this 9.\" software must be clearly marked as such, and if the derived work is 10.\" incompatible with the protocol description in the RFC file, it must be 11.\" called by a name other than "ssh" or "Secure Shell". 12.\" 13.\" Copyright (c) 1999,2000 Markus Friedl. All rights reserved. 14.\" Copyright (c) 1999 Aaron Campbell. All rights reserved. 15.\" Copyright (c) 1999 Theo de Raadt. All rights reserved. 16.\" 17.\" Redistribution and use in source and binary forms, with or without 18.\" modification, are permitted provided that the following conditions 19.\" are met: 20.\" 1. Redistributions of source code must retain the above copyright 21.\" notice, this list of conditions and the following disclaimer. 22.\" 2. Redistributions in binary form must reproduce the above copyright 23.\" notice, this list of conditions and the following disclaimer in the 24.\" documentation and/or other materials provided with the distribution. 25.\" 26.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 27.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 28.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 29.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 30.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 31.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 32.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 33.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 34.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 35.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 36.\" 37.\" $OpenBSD: sshd_config.5,v 1.102 2009/02/22 23:59:25 djm Exp $ 38.Dd $Mdocdate: February 22 2009 $ 39.Dt SSHD_CONFIG 5 40.Os 41.Sh NAME 42.Nm sshd_config 43.Nd OpenSSH SSH daemon configuration file 44.Sh SYNOPSIS 45.Nm /etc/ssh/sshd_config 46.Sh DESCRIPTION 47.Xr sshd 8 48reads configuration data from 49.Pa /etc/ssh/sshd_config 50(or the file specified with 51.Fl f 52on the command line). 53The file contains keyword-argument pairs, one per line. 54Lines starting with 55.Ql # 56and empty lines are interpreted as comments. 57Arguments may optionally be enclosed in double quotes 58.Pq \&" 59in order to represent arguments containing spaces. 60.Pp 61The possible 62keywords and their meanings are as follows (note that 63keywords are case-insensitive and arguments are case-sensitive): 64.Bl -tag -width Ds 65.It Cm AcceptEnv 66Specifies what environment variables sent by the client will be copied into 67the session's 68.Xr environ 7 . 69See 70.Cm SendEnv 71in 72.Xr ssh_config 5 73for how to configure the client. 74Note that environment passing is only supported for protocol 2. 75Variables are specified by name, which may contain the wildcard characters 76.Ql * 77and 78.Ql \&? . 79Multiple environment variables may be separated by whitespace or spread 80across multiple 81.Cm AcceptEnv 82directives. 83Be warned that some environment variables could be used to bypass restricted 84user environments. 85For this reason, care should be taken in the use of this directive. 86The default is not to accept any environment variables. 87.It Cm AddressFamily 88Specifies which address family should be used by 89.Xr sshd 8 . 90Valid arguments are 91.Dq any , 92.Dq inet 93(use IPv4 only), or 94.Dq inet6 95(use IPv6 only). 96The default is 97.Dq any . 98.It Cm AllowAgentForwarding 99Specifies whether 100.Xr ssh-agent 1 101forwarding is permitted. 102The default is 103.Dq yes . 104Note that disabling agent forwarding does not improve security 105unless users are also denied shell access, as they can always install 106their own forwarders. 107.It Cm AllowGroups 108This keyword can be followed by a list of group name patterns, separated 109by spaces. 110If specified, login is allowed only for users whose primary 111group or supplementary group list matches one of the patterns. 112Only group names are valid; a numerical group ID is not recognized. 113By default, login is allowed for all groups. 114The allow/deny directives are processed in the following order: 115.Cm DenyUsers , 116.Cm AllowUsers , 117.Cm DenyGroups , 118and finally 119.Cm AllowGroups . 120.Pp 121See 122.Sx PATTERNS 123in 124.Xr ssh_config 5 125for more information on patterns. 126.It Cm AllowTcpForwarding 127Specifies whether TCP forwarding is permitted. 128The default is 129.Dq yes . 130Note that disabling TCP forwarding does not improve security unless 131users are also denied shell access, as they can always install their 132own forwarders. 133.It Cm AllowUsers 134This keyword can be followed by a list of user name patterns, separated 135by spaces. 136If specified, login is allowed only for user names that 137match one of the patterns. 138Only user names are valid; a numerical user ID is not recognized. 139By default, login is allowed for all users. 140If the pattern takes the form USER@HOST then USER and HOST 141are separately checked, restricting logins to particular 142users from particular hosts. 143The allow/deny directives are processed in the following order: 144.Cm DenyUsers , 145.Cm AllowUsers , 146.Cm DenyGroups , 147and finally 148.Cm AllowGroups . 149.Pp 150See 151.Sx PATTERNS 152in 153.Xr ssh_config 5 154for more information on patterns. 155.It Cm AuthorizedKeysFile 156Specifies the file that contains the public keys that can be used 157for user authentication. 158.Cm AuthorizedKeysFile 159may contain tokens of the form %T which are substituted during connection 160setup. 161The following tokens are defined: %% is replaced by a literal '%', 162%h is replaced by the home directory of the user being authenticated, and 163%u is replaced by the username of that user. 164After expansion, 165.Cm AuthorizedKeysFile 166is taken to be an absolute path or one relative to the user's home 167directory. 168The default is 169.Dq .ssh/authorized_keys . 170.It Cm Banner 171The contents of the specified file are sent to the remote user before 172authentication is allowed. 173If the argument is 174.Dq none 175then no banner is displayed. 176This option is only available for protocol version 2. 177By default, no banner is displayed. 178.It Cm ChallengeResponseAuthentication 179Specifies whether challenge-response authentication is allowed. 180Specifically, in 181.Dx , 182this controls the use of PAM (see 183.Xr pam 3 ) 184for authentication. 185Note that this affects the effectiveness of the 186.Cm PasswordAuthentication 187and 188.Cm PermitRootLogin 189variables. 190The default is 191.Dq yes . 192.It Cm ChrootDirectory 193Specifies a path to 194.Xr chroot 2 195to after authentication. 196This path, and all its components, must be root-owned directories that are 197not writable by any other user or group. 198.Pp 199The path may contain the following tokens that are expanded at runtime once 200the connecting user has been authenticated: %% is replaced by a literal '%', 201%h is replaced by the home directory of the user being authenticated, and 202%u is replaced by the username of that user. 203.Pp 204The 205.Cm ChrootDirectory 206must contain the necessary files and directories to support the 207users' session. 208For an interactive session this requires at least a shell, typically 209.Xr sh 1 , 210and basic 211.Pa /dev 212nodes such as 213.Xr null 4 , 214.Xr zero 4 , 215.Xr stdin 4 , 216.Xr stdout 4 , 217.Xr stderr 4 , 218.Xr arandom 4 219and 220.Xr tty 4 221devices. 222For file transfer sessions using 223.Dq sftp , 224no additional configuration of the environment is necessary if the 225in-process sftp server is used (see 226.Cm Subsystem 227for details). 228.Pp 229The default is not to 230.Xr chroot 2 . 231.It Cm Ciphers 232Specifies the ciphers allowed for protocol version 2. 233Multiple ciphers must be comma-separated. 234The supported ciphers are 235.Dq 3des-cbc , 236.Dq aes128-cbc , 237.Dq aes192-cbc , 238.Dq aes256-cbc , 239.Dq aes128-ctr , 240.Dq aes192-ctr , 241.Dq aes256-ctr , 242.Dq arcfour128 , 243.Dq arcfour256 , 244.Dq arcfour , 245.Dq blowfish-cbc , 246and 247.Dq cast128-cbc . 248The default is: 249.Bd -literal -offset 3n 250aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128, 251aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc, 252aes256-cbc,arcfour 253.Ed 254.It Cm ClientAliveCountMax 255Sets the number of client alive messages (see below) which may be 256sent without 257.Xr sshd 8 258receiving any messages back from the client. 259If this threshold is reached while client alive messages are being sent, 260sshd will disconnect the client, terminating the session. 261It is important to note that the use of client alive messages is very 262different from 263.Cm TCPKeepAlive 264(below). 265The client alive messages are sent through the encrypted channel 266and therefore will not be spoofable. 267The TCP keepalive option enabled by 268.Cm TCPKeepAlive 269is spoofable. 270The client alive mechanism is valuable when the client or 271server depend on knowing when a connection has become inactive. 272.Pp 273The default value is 3. 274If 275.Cm ClientAliveInterval 276(see below) is set to 15, and 277.Cm ClientAliveCountMax 278is left at the default, unresponsive SSH clients 279will be disconnected after approximately 45 seconds. 280This option applies to protocol version 2 only. 281.It Cm ClientAliveInterval 282Sets a timeout interval in seconds after which if no data has been received 283from the client, 284.Xr sshd 8 285will send a message through the encrypted 286channel to request a response from the client. 287The default 288is 0, indicating that these messages will not be sent to the client. 289This option applies to protocol version 2 only. 290.It Cm Compression 291Specifies whether compression is allowed, or delayed until 292the user has authenticated successfully. 293The argument must be 294.Dq yes , 295.Dq delayed , 296or 297.Dq no . 298The default is 299.Dq delayed . 300.It Cm DenyGroups 301This keyword can be followed by a list of group name patterns, separated 302by spaces. 303Login is disallowed for users whose primary group or supplementary 304group list matches one of the patterns. 305Only group names are valid; a numerical group ID is not recognized. 306By default, login is allowed for all groups. 307The allow/deny directives are processed in the following order: 308.Cm DenyUsers , 309.Cm AllowUsers , 310.Cm DenyGroups , 311and finally 312.Cm AllowGroups . 313.Pp 314See 315.Sx PATTERNS 316in 317.Xr ssh_config 5 318for more information on patterns. 319.It Cm DenyUsers 320This keyword can be followed by a list of user name patterns, separated 321by spaces. 322Login is disallowed for user names that match one of the patterns. 323Only user names are valid; a numerical user ID is not recognized. 324By default, login is allowed for all users. 325If the pattern takes the form USER@HOST then USER and HOST 326are separately checked, restricting logins to particular 327users from particular hosts. 328The allow/deny directives are processed in the following order: 329.Cm DenyUsers , 330.Cm AllowUsers , 331.Cm DenyGroups , 332and finally 333.Cm AllowGroups . 334.Pp 335See 336.Sx PATTERNS 337in 338.Xr ssh_config 5 339for more information on patterns. 340.It Cm ForceCommand 341Forces the execution of the command specified by 342.Cm ForceCommand , 343ignoring any command supplied by the client and 344.Pa ~/.ssh/rc 345if present. 346The command is invoked by using the user's login shell with the -c option. 347This applies to shell, command, or subsystem execution. 348It is most useful inside a 349.Cm Match 350block. 351The command originally supplied by the client is available in the 352.Ev SSH_ORIGINAL_COMMAND 353environment variable. 354Specifying a command of 355.Dq internal-sftp 356will force the use of an in-process sftp server that requires no support 357files when used with 358.Cm ChrootDirectory . 359.It Cm GatewayPorts 360Specifies whether remote hosts are allowed to connect to ports 361forwarded for the client. 362By default, 363.Xr sshd 8 364binds remote port forwardings to the loopback address. 365This prevents other remote hosts from connecting to forwarded ports. 366.Cm GatewayPorts 367can be used to specify that sshd 368should allow remote port forwardings to bind to non-loopback addresses, thus 369allowing other hosts to connect. 370The argument may be 371.Dq no 372to force remote port forwardings to be available to the local host only, 373.Dq yes 374to force remote port forwardings to bind to the wildcard address, or 375.Dq clientspecified 376to allow the client to select the address to which the forwarding is bound. 377The default is 378.Dq no . 379.It Cm GSSAPIAuthentication 380Specifies whether user authentication based on GSSAPI is allowed. 381The default is 382.Dq no . 383Note that this option applies to protocol version 2 only. 384.It Cm GSSAPICleanupCredentials 385Specifies whether to automatically destroy the user's credentials cache 386on logout. 387The default is 388.Dq yes . 389Note that this option applies to protocol version 2 only. 390.It Cm HostbasedAuthentication 391Specifies whether rhosts or /etc/hosts.equiv authentication together 392with successful public key client host authentication is allowed 393(host-based authentication). 394This option is similar to 395.Cm RhostsRSAAuthentication 396and applies to protocol version 2 only. 397The default is 398.Dq no . 399.It Cm HostbasedUsesNameFromPacketOnly 400Specifies whether or not the server will attempt to perform a reverse 401name lookup when matching the name in the 402.Pa ~/.shosts , 403.Pa ~/.rhosts , 404and 405.Pa /etc/hosts.equiv 406files during 407.Cm HostbasedAuthentication . 408A setting of 409.Dq yes 410means that 411.Xr sshd 8 412uses the name supplied by the client rather than 413attempting to resolve the name from the TCP connection itself. 414The default is 415.Dq no . 416.It Cm HostKey 417Specifies a file containing a private host key 418used by SSH. 419The default is 420.Pa /etc/ssh/ssh_host_key 421for protocol version 1, and 422.Pa /etc/ssh/ssh_host_rsa_key 423and 424.Pa /etc/ssh/ssh_host_dsa_key 425for protocol version 2. 426Note that 427.Xr sshd 8 428will refuse to use a file if it is group/world-accessible. 429It is possible to have multiple host key files. 430.Dq rsa1 431keys are used for version 1 and 432.Dq dsa 433or 434.Dq rsa 435are used for version 2 of the SSH protocol. 436.It Cm IgnoreRhosts 437Specifies that 438.Pa .rhosts 439and 440.Pa .shosts 441files will not be used in 442.Cm RhostsRSAAuthentication 443or 444.Cm HostbasedAuthentication . 445.Pp 446.Pa /etc/hosts.equiv 447and 448.Pa /etc/ssh/shosts.equiv 449are still used. 450The default is 451.Dq yes . 452.It Cm IgnoreUserKnownHosts 453Specifies whether 454.Xr sshd 8 455should ignore the user's 456.Pa ~/.ssh/known_hosts 457during 458.Cm RhostsRSAAuthentication 459or 460.Cm HostbasedAuthentication . 461The default is 462.Dq no . 463.It Cm KerberosAuthentication 464Specifies whether the password provided by the user for 465.Cm PasswordAuthentication 466will be validated through the Kerberos KDC. 467To use this option, the server needs a 468Kerberos servtab which allows the verification of the KDC's identity. 469The default is 470.Dq no . 471.It Cm KerberosGetAFSToken 472If AFS is active and the user has a Kerberos 5 TGT, attempt to acquire 473an AFS token before accessing the user's home directory. 474The default is 475.Dq no . 476.It Cm KerberosOrLocalPasswd 477If password authentication through Kerberos fails then 478the password will be validated via any additional local mechanism 479such as 480.Pa /etc/passwd . 481The default is 482.Dq yes . 483.It Cm KerberosTicketCleanup 484Specifies whether to automatically destroy the user's ticket cache 485file on logout. 486The default is 487.Dq yes . 488.It Cm KeyRegenerationInterval 489In protocol version 1, the ephemeral server key is automatically regenerated 490after this many seconds (if it has been used). 491The purpose of regeneration is to prevent 492decrypting captured sessions by later breaking into the machine and 493stealing the keys. 494The key is never stored anywhere. 495If the value is 0, the key is never regenerated. 496The default is 3600 (seconds). 497.It Cm ListenAddress 498Specifies the local addresses 499.Xr sshd 8 500should listen on. 501The following forms may be used: 502.Pp 503.Bl -item -offset indent -compact 504.It 505.Cm ListenAddress 506.Sm off 507.Ar host No | Ar IPv4_addr No | Ar IPv6_addr 508.Sm on 509.It 510.Cm ListenAddress 511.Sm off 512.Ar host No | Ar IPv4_addr No : Ar port 513.Sm on 514.It 515.Cm ListenAddress 516.Sm off 517.Oo 518.Ar host No | Ar IPv6_addr Oc : Ar port 519.Sm on 520.El 521.Pp 522If 523.Ar port 524is not specified, 525sshd will listen on the address and all prior 526.Cm Port 527options specified. 528The default is to listen on all local addresses. 529Multiple 530.Cm ListenAddress 531options are permitted. 532Additionally, any 533.Cm Port 534options must precede this option for non-port qualified addresses. 535.It Cm LoginGraceTime 536The server disconnects after this time if the user has not 537successfully logged in. 538If the value is 0, there is no time limit. 539The default is 120 seconds. 540.It Cm LogLevel 541Gives the verbosity level that is used when logging messages from 542.Xr sshd 8 . 543The possible values are: 544QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3. 545The default is INFO. 546DEBUG and DEBUG1 are equivalent. 547DEBUG2 and DEBUG3 each specify higher levels of debugging output. 548Logging with a DEBUG level violates the privacy of users and is not recommended. 549.It Cm MACs 550Specifies the available MAC (message authentication code) algorithms. 551The MAC algorithm is used in protocol version 2 552for data integrity protection. 553Multiple algorithms must be comma-separated. 554The default is: 555.Bd -literal -offset indent 556hmac-md5,hmac-sha1,umac-64@openssh.com, 557hmac-ripemd160,hmac-sha1-96,hmac-md5-96 558.Ed 559.It Cm Match 560Introduces a conditional block. 561If all of the criteria on the 562.Cm Match 563line are satisfied, the keywords on the following lines override those 564set in the global section of the config file, until either another 565.Cm Match 566line or the end of the file. 567.Pp 568The arguments to 569.Cm Match 570are one or more criteria-pattern pairs. 571The available criteria are 572.Cm User , 573.Cm Group , 574.Cm Host , 575and 576.Cm Address . 577The match patterns may consist of single entries or comma-separated 578lists and may use the wildcard and negation operators described in the 579.Sx PATTERNS 580section of 581.Xr ssh_config 5 . 582.Pp 583The patterns in an 584.Cm Address 585criteria may additionally contain addresses to match in CIDR 586address/masklen format, e.g.\& 587.Dq 192.0.2.0/24 588or 589.Dq 3ffe:ffff::/32 . 590Note that the mask length provided must be consistent with the address - 591it is an error to specify a mask length that is too long for the address 592or one with bits set in this host portion of the address. 593For example, 594.Dq 192.0.2.0/33 595and 596.Dq 192.0.2.0/8 597respectively. 598.Pp 599Only a subset of keywords may be used on the lines following a 600.Cm Match 601keyword. 602Available keywords are 603.Cm AllowAgentForwarding , 604.Cm AllowTcpForwarding , 605.Cm Banner , 606.Cm ChrootDirectory , 607.Cm ForceCommand , 608.Cm GatewayPorts , 609.Cm GSSAPIAuthentication , 610.Cm HostbasedAuthentication , 611.Cm KbdInteractiveAuthentication , 612.Cm KerberosAuthentication , 613.Cm MaxAuthTries , 614.Cm MaxSessions , 615.Cm PasswordAuthentication , 616.Cm PermitEmptyPasswords , 617.Cm PermitOpen , 618.Cm PermitRootLogin , 619.Cm RhostsRSAAuthentication , 620.Cm RSAAuthentication , 621.Cm X11DisplayOffset , 622.Cm X11Forwarding 623and 624.Cm X11UseLocalHost . 625.It Cm MaxAuthTries 626Specifies the maximum number of authentication attempts permitted per 627connection. 628Once the number of failures reaches half this value, 629additional failures are logged. 630The default is 6. 631.It Cm MaxSessions 632Specifies the maximum number of open sessions permitted per network connection. 633The default is 10. 634.It Cm MaxStartups 635Specifies the maximum number of concurrent unauthenticated connections to the 636SSH daemon. 637Additional connections will be dropped until authentication succeeds or the 638.Cm LoginGraceTime 639expires for a connection. 640The default is 10. 641.Pp 642Alternatively, random early drop can be enabled by specifying 643the three colon separated values 644.Dq start:rate:full 645(e.g. "10:30:60"). 646.Xr sshd 8 647will refuse connection attempts with a probability of 648.Dq rate/100 649(30%) 650if there are currently 651.Dq start 652(10) 653unauthenticated connections. 654The probability increases linearly and all connection attempts 655are refused if the number of unauthenticated connections reaches 656.Dq full 657(60). 658.It Cm PasswordAuthentication 659Specifies whether password authentication is allowed. 660The default is 661.Dq yes . 662Note that if 663.Cm ChallengeResponseAuthentication 664is 665.Dq yes , 666.Cm UsePAM 667is 668.Dq yes , 669and the PAM authentication policy for 670.Nm sshd 671includes 672.Xr pam_unix 8 , 673password authentication will be allowed through the challenge-response 674mechanism regardless of the value of 675.Cm PasswordAuthentication . 676.It Cm PermitEmptyPasswords 677When password authentication is allowed, it specifies whether the 678server allows login to accounts with empty password strings. 679The default is 680.Dq no . 681.It Cm PermitOpen 682Specifies the destinations to which TCP port forwarding is permitted. 683The forwarding specification must be one of the following forms: 684.Pp 685.Bl -item -offset indent -compact 686.It 687.Cm PermitOpen 688.Sm off 689.Ar host : port 690.Sm on 691.It 692.Cm PermitOpen 693.Sm off 694.Ar IPv4_addr : port 695.Sm on 696.It 697.Cm PermitOpen 698.Sm off 699.Ar \&[ IPv6_addr \&] : port 700.Sm on 701.El 702.Pp 703Multiple forwards may be specified by separating them with whitespace. 704An argument of 705.Dq any 706can be used to remove all restrictions and permit any forwarding requests. 707By default all port forwarding requests are permitted. 708.It Cm PermitRootLogin 709Specifies whether root can log in using 710.Xr ssh 1 . 711The argument must be 712.Dq yes , 713.Dq without-password , 714.Dq forced-commands-only , 715or 716.Dq no . 717The default is 718.Dq no . 719Note that if 720.Cm ChallengeResponseAuthentication 721is 722.Dq yes , 723the root user may be allowed in with its password even if 724.Cm PermitRootLogin is set to 725.Dq without-password . 726.Pp 727If this option is set to 728.Dq without-password , 729password authentication is disabled for root. 730.Pp 731If this option is set to 732.Dq forced-commands-only , 733root login with public key authentication will be allowed, 734but only if the 735.Ar command 736option has been specified 737(which may be useful for taking remote backups even if root login is 738normally not allowed). 739All other authentication methods are disabled for root. 740.Pp 741If this option is set to 742.Dq no , 743root is not allowed to log in. 744.It Cm PermitTunnel 745Specifies whether 746.Xr tun 4 747device forwarding is allowed. 748The argument must be 749.Dq yes , 750.Dq point-to-point 751(layer 3), 752.Dq ethernet 753(layer 2), or 754.Dq no . 755Specifying 756.Dq yes 757permits both 758.Dq point-to-point 759and 760.Dq ethernet . 761The default is 762.Dq no . 763.It Cm PermitUserEnvironment 764Specifies whether 765.Pa ~/.ssh/environment 766and 767.Cm environment= 768options in 769.Pa ~/.ssh/authorized_keys 770are processed by 771.Xr sshd 8 . 772The default is 773.Dq no . 774Enabling environment processing may enable users to bypass access 775restrictions in some configurations using mechanisms such as 776.Ev LD_PRELOAD . 777.It Cm PidFile 778Specifies the file that contains the process ID of the 779SSH daemon. 780The default is 781.Pa /var/run/sshd.pid . 782.It Cm Port 783Specifies the port number that 784.Xr sshd 8 785listens on. 786The default is 22. 787Multiple options of this type are permitted. 788See also 789.Cm ListenAddress . 790.It Cm PrintLastLog 791Specifies whether 792.Xr sshd 8 793should print the date and time of the last user login when a user logs 794in interactively. 795The default is 796.Dq yes . 797.It Cm PrintMotd 798Specifies whether 799.Xr sshd 8 800should print 801.Pa /etc/motd 802when a user logs in interactively. 803(On some systems it is also printed by the shell, 804.Pa /etc/profile , 805or equivalent.) 806The default is 807.Dq yes . 808.It Cm Protocol 809Specifies the protocol versions 810.Xr sshd 8 811supports. 812The possible values are 813.Sq 1 814and 815.Sq 2 . 816Multiple versions must be comma-separated. 817The default is 818.Dq 2 . 819Note that the order of the protocol list does not indicate preference, 820because the client selects among multiple protocol versions offered 821by the server. 822Specifying 823.Dq 2,1 824is identical to 825.Dq 1,2 . 826.It Cm PubkeyAuthentication 827Specifies whether public key authentication is allowed. 828The default is 829.Dq yes . 830Note that this option applies to protocol version 2 only. 831.It Cm RhostsRSAAuthentication 832Specifies whether rhosts or 833.Pa /etc/hosts.equiv 834authentication together 835with successful RSA host authentication is allowed. 836The default is 837.Dq no . 838This option applies to protocol version 1 only. 839.It Cm RSAAuthentication 840Specifies whether pure RSA authentication is allowed. 841The default is 842.Dq yes . 843This option applies to protocol version 1 only. 844.It Cm ServerKeyBits 845Defines the number of bits in the ephemeral protocol version 1 server key. 846The minimum value is 512, and the default is 1024. 847.It Cm StrictModes 848Specifies whether 849.Xr sshd 8 850should check file modes and ownership of the 851user's files and home directory before accepting login. 852This is normally desirable because novices sometimes accidentally leave their 853directory or files world-writable. 854The default is 855.Dq yes . 856.It Cm Subsystem 857Configures an external subsystem (e.g. file transfer daemon). 858Arguments should be a subsystem name and a command (with optional arguments) 859to execute upon subsystem request. 860.Pp 861The command 862.Xr sftp-server 8 863implements the 864.Dq sftp 865file transfer subsystem. 866.Pp 867Alternately the name 868.Dq internal-sftp 869implements an in-process 870.Dq sftp 871server. 872This may simplify configurations using 873.Cm ChrootDirectory 874to force a different filesystem root on clients. 875.Pp 876By default no subsystems are defined. 877Note that this option applies to protocol version 2 only. 878.It Cm SyslogFacility 879Gives the facility code that is used when logging messages from 880.Xr sshd 8 . 881The possible values are: DAEMON, USER, AUTH, LOCAL0, LOCAL1, LOCAL2, 882LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7. 883The default is AUTH. 884.It Cm TCPKeepAlive 885Specifies whether the system should send TCP keepalive messages to the 886other side. 887If they are sent, death of the connection or crash of one 888of the machines will be properly noticed. 889However, this means that 890connections will die if the route is down temporarily, and some people 891find it annoying. 892On the other hand, if TCP keepalives are not sent, 893sessions may hang indefinitely on the server, leaving 894.Dq ghost 895users and consuming server resources. 896.Pp 897The default is 898.Dq yes 899(to send TCP keepalive messages), and the server will notice 900if the network goes down or the client host crashes. 901This avoids infinitely hanging sessions. 902.Pp 903To disable TCP keepalive messages, the value should be set to 904.Dq no . 905.It Cm UseDNS 906Specifies whether 907.Xr sshd 8 908should look up the remote host name and check that 909the resolved host name for the remote IP address maps back to the 910very same IP address. 911The default is 912.Dq yes . 913.It Cm UseLogin 914Specifies whether 915.Xr login 1 916is used for interactive login sessions. 917The default is 918.Dq no . 919Note that 920.Xr login 1 921is never used for remote command execution. 922Note also, that if this is enabled, 923.Cm X11Forwarding 924will be disabled because 925.Xr login 1 926does not know how to handle 927.Xr xauth 1 928cookies. 929If 930.Cm UsePrivilegeSeparation 931is specified, it will be disabled after authentication. 932.It Cm UsePAM 933Enables the Pluggable Authentication Module interface. 934If set to 935.Dq yes 936this will enable PAM authentication using 937.Cm ChallengeResponseAuthentication 938and 939.Cm PasswordAuthentication 940in addition to PAM account and session module processing for all 941authentication types. 942.Pp 943Because PAM challenge-response authentication usually serves an equivalent 944role to password authentication, you should disable either 945.Cm PasswordAuthentication 946or 947.Cm ChallengeResponseAuthentication. 948.Pp 949If 950.Cm UsePAM 951is enabled, you will not be able to run 952.Xr sshd 8 953as a non-root user. 954The default is 955.Dq no . 956.It Cm UsePrivilegeSeparation 957Specifies whether 958.Xr sshd 8 959separates privileges by creating an unprivileged child process 960to deal with incoming network traffic. 961After successful authentication, another process will be created that has 962the privilege of the authenticated user. 963The goal of privilege separation is to prevent privilege 964escalation by containing any corruption within the unprivileged processes. 965The default is 966.Dq yes . 967.It Cm VersionAddendum 968Specifies a string to append to the regular version string to identify 969OS- or site-specific modifications. 970The default is 971.Dq DragonFly-20090620 . 972.It Cm X11DisplayOffset 973Specifies the first display number available for 974.Xr sshd 8 Ns 's 975X11 forwarding. 976This prevents sshd from interfering with real X11 servers. 977The default is 10. 978.It Cm X11Forwarding 979Specifies whether X11 forwarding is permitted. 980The argument must be 981.Dq yes 982or 983.Dq no . 984The default is 985.Dq yes . 986.Pp 987When X11 forwarding is enabled, there may be additional exposure to 988the server and to client displays if the 989.Xr sshd 8 990proxy display is configured to listen on the wildcard address (see 991.Cm X11UseLocalhost 992below), though this is not the default. 993Additionally, the authentication spoofing and authentication data 994verification and substitution occur on the client side. 995The security risk of using X11 forwarding is that the client's X11 996display server may be exposed to attack when the SSH client requests 997forwarding (see the warnings for 998.Cm ForwardX11 999in 1000.Xr ssh_config 5 ) . 1001A system administrator may have a stance in which they want to 1002protect clients that may expose themselves to attack by unwittingly 1003requesting X11 forwarding, which can warrant a 1004.Dq no 1005setting. 1006.Pp 1007Note that disabling X11 forwarding does not prevent users from 1008forwarding X11 traffic, as users can always install their own forwarders. 1009X11 forwarding is automatically disabled if 1010.Cm UseLogin 1011is enabled. 1012.It Cm X11UseLocalhost 1013Specifies whether 1014.Xr sshd 8 1015should bind the X11 forwarding server to the loopback address or to 1016the wildcard address. 1017By default, 1018sshd binds the forwarding server to the loopback address and sets the 1019hostname part of the 1020.Ev DISPLAY 1021environment variable to 1022.Dq localhost . 1023This prevents remote hosts from connecting to the proxy display. 1024However, some older X11 clients may not function with this 1025configuration. 1026.Cm X11UseLocalhost 1027may be set to 1028.Dq no 1029to specify that the forwarding server should be bound to the wildcard 1030address. 1031The argument must be 1032.Dq yes 1033or 1034.Dq no . 1035The default is 1036.Dq yes . 1037.It Cm XAuthLocation 1038Specifies the full pathname of the 1039.Xr xauth 1 1040program. 1041The default is 1042.Pa /usr/X11R6/bin/xauth . 1043.El 1044.Sh TIME FORMATS 1045.Xr sshd 8 1046command-line arguments and configuration file options that specify time 1047may be expressed using a sequence of the form: 1048.Sm off 1049.Ar time Op Ar qualifier , 1050.Sm on 1051where 1052.Ar time 1053is a positive integer value and 1054.Ar qualifier 1055is one of the following: 1056.Pp 1057.Bl -tag -width Ds -compact -offset indent 1058.It Aq Cm none 1059seconds 1060.It Cm s | Cm S 1061seconds 1062.It Cm m | Cm M 1063minutes 1064.It Cm h | Cm H 1065hours 1066.It Cm d | Cm D 1067days 1068.It Cm w | Cm W 1069weeks 1070.El 1071.Pp 1072Each member of the sequence is added together to calculate 1073the total time value. 1074.Pp 1075Time format examples: 1076.Pp 1077.Bl -tag -width Ds -compact -offset indent 1078.It 600 1079600 seconds (10 minutes) 1080.It 10m 108110 minutes 1082.It 1h30m 10831 hour 30 minutes (90 minutes) 1084.El 1085.Sh FILES 1086.Bl -tag -width Ds 1087.It Pa /etc/ssh/sshd_config 1088Contains configuration data for 1089.Xr sshd 8 . 1090This file should be writable by root only, but it is recommended 1091(though not necessary) that it be world-readable. 1092.El 1093.Sh SEE ALSO 1094.Xr sshd 8 1095.Sh AUTHORS 1096OpenSSH is a derivative of the original and free 1097ssh 1.2.12 release by Tatu Ylonen. 1098Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, 1099Theo de Raadt and Dug Song 1100removed many bugs, re-added newer features and 1101created OpenSSH. 1102Markus Friedl contributed the support for SSH 1103protocol versions 1.5 and 2.0. 1104Niels Provos and Markus Friedl contributed support 1105for privilege separation. 1106