API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Sep 6th, 2012
100
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.25 KB | None | 0 0
raw download clone embed print report
  1. # Package generated configuration file
  2. # See the sshd_config(5) manpage for details
  3.  
  4. # What ports, IPs and protocols we listen for
  5. Port 22
  6. # Use these options to restrict which interfaces/protocols sshd will bind to
  7. #ListenAddress ::
  8. #ListenAddress 0.0.0.0
  9. Protocol 2
  10. # HostKeys for protocol version 2
  11. HostKey /etc/ssh/ssh_host_rsa_key
  12. HostKey /etc/ssh/ssh_host_dsa_key
  13. #Privilege Separation is turned on for security
  14. UsePrivilegeSeparation yes
  15.  
  16. # Lifetime and size of ephemeral version 1 server key
  17. KeyRegenerationInterval 3600
  18. ServerKeyBits 768
  19.  
  20. # Logging
  21. SyslogFacility AUTH
  22. LogLevel INFO
  23.  
  24. # Authentication:
  25. LoginGraceTime 120
  26. PermitRootLogin yes
  27. StrictModes yes
  28.  
  29. RSAAuthentication yes
  30. PubkeyAuthentication yes
  31. #AuthorizedKeysFile %h/.ssh/authorized_keys
  32.  
  33.  
  34. # To enable empty passwords, change to yes (NOT RECOMMENDED)
  35. PermitEmptyPasswords no
  36.  
  37. # Change to yes to enable challenge-response passwords (beware issues with
  38. # some PAM modules and threads)
  39. ChallengeResponseAuthentication no
  40.  
  41. # Change to no to disable tunnelled clear text passwords
  42. #PasswordAuthentication yes
  43.  
  44. # Kerberos options
  45. #KerberosAuthentication no
  46. #KerberosGetAFSToken no
  47. #KerberosOrLocalPasswd yes
  48. #KerberosTicketCleanup yes
  49.  
  50. # GSSAPI options
  51. #GSSAPIAuthentication no
  52. #GSSAPICleanupCredentials yes
  53.  
  54. X11Forwarding yes
  55. X11DisplayOffset 10
  56. PrintMotd no
  57. PrintLastLog yes
  58. TCPKeepAlive yes
  59. #UseLogin no
  60.  
  61. #MaxStartups 10:30:60
  62. #Banner /etc/issue.net
  63.  
  64. # Allow client to pass locale environment variables
  65. AcceptEnv LANG LC_*
  66.  
  67. Subsystem sftp /usr/lib/openssh/sftp-server
  68.  
  69. # Set this to 'yes' to enable PAM authentication, account processing,
  70. # and session processing. If this is enabled, PAM authentication will
  71. # be allowed through the ChallengeResponseAuthentication and
  72. # PasswordAuthentication. Depending on your PAM configuration,
  73. # PAM authentication via ChallengeResponseAuthentication may bypass
  74. # the setting of "PermitRootLogin without-password".
  75. # If you just want the PAM account and session checks to run without
  76. # PAM authentication, then enable this but set PasswordAuthentication
  77. # and ChallengeResponseAuthentication to 'no'.
  78. UsePAM yes
  79.  
  80.  
  81. IgnoreRhosts no
  82. RhostsRSAAuthentication yes
  83. HostbasedAuthentication yes
  84. IgnoreUserKnownHosts no
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!