sshd_config revision 1.1.1.2
1 # $NetBSD: sshd_config,v 1.1.1.2 2010/11/21 17:06:07 adam Exp $ 2 # $OpenBSD: sshd_config,v 1.81 2009/10/08 14:03:41 markus Exp $ 3 4 # This is the sshd server system-wide configuration file. See 5 # sshd_config(5) for more information. 6 7 # The strategy used for options in the default sshd_config shipped with 8 # OpenSSH is to specify options with their default value where 9 # possible, but leave them commented. Uncommented options change a 10 # default value. 11 12 #Port 22 13 #AddressFamily any 14 #ListenAddress 0.0.0.0 15 #ListenAddress :: 16 17 # The default requires explicit activation of protocol 1 18 #Protocol 2 19 20 # HostKey for protocol version 1 21 #HostKey /etc/ssh/ssh_host_key 22 # HostKeys for protocol version 2 23 #HostKey /etc/ssh/ssh_host_rsa_key 24 #HostKey /etc/ssh/ssh_host_dsa_key 25 26 # Lifetime and size of ephemeral version 1 server key 27 #KeyRegenerationInterval 1h 28 #ServerKeyBits 1024 29 30 # Logging 31 # obsoletes QuietMode and FascistLogging 32 #SyslogFacility AUTH 33 #LogLevel INFO 34 35 # Authentication: 36 37 #LoginGraceTime 2m 38 #PermitRootLogin yes 39 #StrictModes yes 40 #MaxAuthTries 6 41 #MaxSessions 10 42 43 #RSAAuthentication yes 44 #PubkeyAuthentication yes 45 #AuthorizedKeysFile .ssh/authorized_keys 46 47 # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts 48 #RhostsRSAAuthentication no 49 # similar for protocol version 2 50 #HostbasedAuthentication no 51 # Change to yes if you don't trust ~/.ssh/known_hosts for 52 # RhostsRSAAuthentication and HostbasedAuthentication 53 #IgnoreUserKnownHosts no 54 # Don't read the user's ~/.rhosts and ~/.shosts files 55 #IgnoreRhosts yes 56 57 # To disable tunneled clear text passwords, change to no here! 58 #PasswordAuthentication yes 59 #PermitEmptyPasswords no 60 61 # Change to no to disable s/key passwords 62 #ChallengeResponseAuthentication yes 63 64 # Kerberos options 65 #KerberosAuthentication no 66 #KerberosOrLocalPasswd yes 67 #KerberosTicketCleanup yes 68 #KerberosGetAFSToken no 69 70 # GSSAPI options 71 #GSSAPIAuthentication no 72 #GSSAPICleanupCredentials yes 73 74 #AllowAgentForwarding yes 75 #AllowTcpForwarding yes 76 #GatewayPorts no 77 #X11Forwarding no 78 #X11DisplayOffset 10 79 #X11UseLocalhost yes 80 #PrintMotd yes 81 #PrintLastLog yes 82 #TCPKeepAlive yes 83 #UseLogin no 84 #UsePrivilegeSeparation yes 85 #PermitUserEnvironment no 86 #Compression delayed 87 #ClientAliveInterval 0 88 #ClientAliveCountMax 3 89 #UseDNS yes 90 #PidFile /var/run/sshd.pid 91 #MaxStartups 10 92 #PermitTunnel no 93 #ChrootDirectory none 94 95 # no default banner path 96 #Banner none 97 98 # override default of no subsystems 99 Subsystem sftp /usr/libexec/sftp-server 100 101 # Example of overriding settings on a per-user basis 102 #Match User anoncvs 103 # X11Forwarding no 104 # AllowTcpForwarding no 105 # ForceCommand cvs server 106
Indexes created Sun Apr 26 00:22:38 UTC 2026