API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jul 5th, 2014
419
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 3.85 KB | None | 0 0
raw download clone embed print report
  1. # $OpenBSD: sshd_config,v 1.82 2010/09/06 17:10:19 naddy Exp $
  2.  
  3. # This is the sshd server system-wide configuration file. See
  4. # sshd_config(5) for more information.
  5.  
  6. # This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
  7.  
  8. # The strategy used for options in the default sshd_config shipped with
  9. # OpenSSH is to specify options with their default value where
  10. # possible, but leave them commented. Uncommented options change a
  11. # default value.
  12.  
  13. #Port 22
  14. #AddressFamily any
  15. #ListenAddress 0.0.0.0
  16. #ListenAddress ::
  17.  
  18. # The default requires explicit activation of protocol 1
  19. #Protocol 2
  20.  
  21. # HostKey for protocol version 1
  22. #HostKey /etc/ssh/ssh_host_key
  23. # HostKeys for protocol version 2
  24. #HostKey /etc/ssh/ssh_host_rsa_key
  25. #HostKey /etc/ssh/ssh_host_dsa_key
  26. #HostKey /etc/ssh/ssh_host_ecdsa_key
  27.  
  28. # Lifetime and size of ephemeral version 1 server key
  29. #KeyRegenerationInterval 1h
  30. #ServerKeyBits 1024
  31.  
  32. # Logging
  33. # obsoletes QuietMode and FascistLogging
  34. #SyslogFacility AUTH
  35. #LogLevel INFO
  36.  
  37. # Authentication:
  38.  
  39. #LoginGraceTime 2m
  40. #PermitRootLogin yes
  41. #StrictModes yes
  42. #MaxAuthTries 6
  43. #MaxSessions 10
  44.  
  45. #RSAAuthentication yes
  46. #PubkeyAuthentication yes
  47. #AuthorizedKeysFile .ssh/authorized_keys
  48.  
  49. # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
  50. #RhostsRSAAuthentication no
  51. # similar for protocol version 2
  52. #HostbasedAuthentication no
  53. # Change to yes if you don't trust ~/.ssh/known_hosts for
  54. # RhostsRSAAuthentication and HostbasedAuthentication
  55. #IgnoreUserKnownHosts no
  56. # Don't read the user's ~/.rhosts and ~/.shosts files
  57. #IgnoreRhosts yes
  58.  
  59. # To disable tunneled clear text passwords, change to no here!
  60. #PasswordAuthentication yes
  61. #PermitEmptyPasswords no
  62.  
  63. # Change to no to disable s/key passwords
  64. #ChallengeResponseAuthentication yes
  65. ChallengeResponseAuthentication no
  66.  
  67. # Kerberos options
  68. #KerberosAuthentication no
  69. #KerberosOrLocalPasswd yes
  70. #KerberosTicketCleanup yes
  71. #KerberosGetAFSToken no
  72.  
  73. # GSSAPI options
  74. #GSSAPIAuthentication no
  75. #GSSAPICleanupCredentials yes
  76.  
  77. # Set this to 'yes' to enable PAM authentication, account processing,
  78. # and session processing. If this is enabled, PAM authentication will
  79. # be allowed through the ChallengeResponseAuthentication and
  80. # PasswordAuthentication. Depending on your PAM configuration,
  81. # PAM authentication via ChallengeResponseAuthentication may bypass
  82. # the setting of "PermitRootLogin without-password".
  83. # If you just want the PAM account and session checks to run without
  84. # PAM authentication, then enable this but set PasswordAuthentication
  85. # and ChallengeResponseAuthentication to 'no'.
  86. UsePAM yes
  87. #UsePAM no
  88.  
  89. #AllowAgentForwarding yes
  90. AllowTcpForwarding no
  91. #GatewayPorts no
  92. #X11Forwarding no
  93. #X11DisplayOffset 10
  94. #X11UseLocalhost yes
  95. #PrintMotd yes
  96. #PrintLastLog yes
  97. #TCPKeepAlive yes
  98. #UseLogin no
  99. #UsePrivilegeSeparation yes
  100. #PermitUserEnvironment no
  101. #Compression delayed
  102. #ClientAliveInterval 0
  103. #ClientAliveCountMax 3
  104. UseDNS no
  105. #PidFile /var/run/sshd.pid
  106. #MaxStartups 10
  107. #PermitTunnel no
  108. ChrootDirectory none
  109. #ChrootDirectory /var/services/homes/%u
  110. #DenyUsers admin
  111.  
  112. # no default banner path
  113. #Banner none
  114.  
  115. # override default of no subsystems
  116. #Subsystem sftp /usr/libexec/sftp-server
  117. #Subsystem sftp internal-sftp -f DAEMON -l VERBOSE -u 000
  118. Subsystem sftp internal-sftp -f DAEMON -u 000
  119. #Subsystem sftp /usr/syno/sbin/sftp-server -l DEBUG3
  120.  
  121. # the following are HPN related configuration options
  122. # tcp receive buffer polling. disable in non autotuning kernels
  123. #TcpRcvBufPoll yes
  124.  
  125. # allow the use of the none cipher
  126. #NoneEnabled no
  127.  
  128. # disable hpn performance boosts.
  129. #HPNDisabled no
  130.  
  131. # buffer size for hpn to non-hpn connections
  132. #HPNBufferSize 2048
  133.  
  134.  
  135. # Example of overriding settings on a per-user basis
  136. Match User root
  137. # X11Forwarding no
  138. AllowTcpForwarding yes
  139. # ForceCommand cvs server
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!