Annotation of elwix/config/etc/default/ssh/sshd_config, revision 1.2
1.2 ! misho 1: # $OpenBSD: sshd_config,v 1.82 2010/09/06 17:10:19 naddy Exp $
! 2: # $FreeBSD: src/crypto/openssh/sshd_config,v 1.55 2011/05/04 07:34:44 des Exp $
1.1 misho 3:
4: # This is the sshd server system-wide configuration file. See
5: # sshd_config(5) for more information.
6:
7: # This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
8:
9: # The strategy used for options in the default sshd_config shipped with
10: # OpenSSH is to specify options with their default value where
11: # possible, but leave them commented. Uncommented options change a
12: # default value.
13:
14: # Note that some of FreeBSD's defaults differ from OpenBSD's, and
15: # FreeBSD has a few additional options.
16:
1.2 ! misho 17: #VersionAddendum FreeBSD-20110503
1.1 misho 18:
19: #Port 22
20: #AddressFamily any
21: #ListenAddress 0.0.0.0
22: #ListenAddress ::
23:
24: # The default requires explicit activation of protocol 1
25: #Protocol 2
26:
27: # HostKey for protocol version 1
28: #HostKey /etc/ssh/ssh_host_key
29: # HostKeys for protocol version 2
30: #HostKey /etc/ssh/ssh_host_rsa_key
31: #HostKey /etc/ssh/ssh_host_dsa_key
1.2 ! misho 32: #HostKey /etc/ssh/ssh_host_ecdsa_key
1.1 misho 33:
34: # Lifetime and size of ephemeral version 1 server key
35: #KeyRegenerationInterval 1h
36: #ServerKeyBits 1024
37:
38: # Logging
39: # obsoletes QuietMode and FascistLogging
40: #SyslogFacility AUTH
41: #LogLevel INFO
42:
43: # Authentication:
44:
45: #LoginGraceTime 2m
46: PermitRootLogin yes
47: #StrictModes yes
48: #MaxAuthTries 6
49: #MaxSessions 10
50:
51: #RSAAuthentication yes
52: #PubkeyAuthentication yes
53: #AuthorizedKeysFile .ssh/authorized_keys
54:
55: # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
56: #RhostsRSAAuthentication no
57: # similar for protocol version 2
58: #HostbasedAuthentication no
59: # Change to yes if you don't trust ~/.ssh/known_hosts for
60: # RhostsRSAAuthentication and HostbasedAuthentication
61: #IgnoreUserKnownHosts no
62: # Don't read the user's ~/.rhosts and ~/.shosts files
63: #IgnoreRhosts yes
64:
65: # Change to yes to enable built-in password authentication.
66: PasswordAuthentication yes
67: #PermitEmptyPasswords no
68:
69: # Change to no to disable PAM authentication
70: #ChallengeResponseAuthentication yes
71:
72: # Kerberos options
73: #KerberosAuthentication no
74: #KerberosOrLocalPasswd yes
75: #KerberosTicketCleanup yes
76: #KerberosGetAFSToken no
77:
78: # GSSAPI options
79: #GSSAPIAuthentication no
80: #GSSAPICleanupCredentials yes
81:
82: # Set this to 'no' to disable PAM authentication, account processing,
83: # and session processing. If this is enabled, PAM authentication will
84: # be allowed through the ChallengeResponseAuthentication and
85: # PasswordAuthentication. Depending on your PAM configuration,
86: # PAM authentication via ChallengeResponseAuthentication may bypass
87: # the setting of "PermitRootLogin without-password".
88: # If you just want the PAM account and session checks to run without
89: # PAM authentication, then enable this but set PasswordAuthentication
90: # and ChallengeResponseAuthentication to 'no'.
91: #UsePAM yes
92:
93: #AllowAgentForwarding yes
94: #AllowTcpForwarding yes
95: #GatewayPorts no
96: #X11Forwarding yes
97: #X11DisplayOffset 10
98: #X11UseLocalhost yes
99: #PrintMotd yes
100: #PrintLastLog yes
101: #TCPKeepAlive yes
102: #UseLogin no
103: #UsePrivilegeSeparation yes
104: #PermitUserEnvironment no
105: #Compression delayed
106: ClientAliveInterval 5
107: ClientAliveCountMax 3
108: UseDNS no
109: #PidFile /var/run/sshd.pid
110: #MaxStartups 10
111: #PermitTunnel no
112: #ChrootDirectory none
113:
114: # no default banner path
115: #Banner none
116:
117: # override default of no subsystems
118: Subsystem sftp /usr/libexec/sftp-server
119:
120: # Example of overriding settings on a per-user basis
121: #Match User anoncvs
122: # X11Forwarding no
123: # AllowTcpForwarding no
124: # ForceCommand cvs server
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to sshd_config CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / elwix / config / etc / default / ssh