API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Feb 25th, 2014
27
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Bash 4.15 KB | None | 0 0
raw download clone embed print report
  1. #   $OpenBSD: sshd_config,v 1.80 2008/07/02 02:24:18 djm Exp $
  2.  
  3. # This is the sshd server system-wide configuration file.  See
  4. # sshd_config(5) for more information.
  5.  
  6. # This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin
  7.  
  8. # The strategy used for options in the default sshd_config shipped with
  9. # OpenSSH is to specify options with their default value where
  10. # possible, but leave them commented.  Uncommented options change a
  11. # default value.
  12.  
  13. #Port 22
  14. #AddressFamily any
  15. #ListenAddress 0.0.0.0
  16. #ListenAddress ::
  17.  
  18. # Disable legacy (protocol version 1) support in the server for new
  19. # installations. In future the default will change to require explicit
  20. # activation of protocol 1
  21. Protocol 2
  22.  
  23. # HostKey for protocol version 1
  24. #HostKey /etc/ssh/ssh_host_key
  25. # HostKeys for protocol version 2
  26. #HostKey /etc/ssh/ssh_host_rsa_key
  27. #HostKey /etc/ssh/ssh_host_dsa_key
  28.  
  29. # Lifetime and size of ephemeral version 1 server key
  30. #KeyRegenerationInterval 1h
  31. #ServerKeyBits 1024
  32.  
  33. # Logging
  34. # obsoletes QuietMode and FascistLogging
  35. #SyslogFacility AUTH
  36. SyslogFacility AUTHPRIV
  37. #LogLevel INFO
  38.  
  39. # Authentication:
  40.  
  41. #LoginGraceTime 2m
  42. PermitRootLogin yes
  43. # Only allow root to run commands over ssh, no shell
  44. PermitRootLogin forced-commands-only
  45. #StrictModes yes
  46. #MaxAuthTries 6
  47. #MaxSessions 10
  48.  
  49. #RSAAuthentication yes
  50. #PubkeyAuthentication yes
  51. #AuthorizedKeysFile .ssh/authorized_keys
  52. #AuthorizedKeysCommand none
  53. #AuthorizedKeysCommandRunAs nobody
  54.  
  55. # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
  56. #RhostsRSAAuthentication no
  57. # similar for protocol version 2
  58. #HostbasedAuthentication no
  59. # Change to yes if you don't trust ~/.ssh/known_hosts for
  60. # RhostsRSAAuthentication and HostbasedAuthentication
  61. #IgnoreUserKnownHosts no
  62. # Don't read the user's ~/.rhosts and ~/.shosts files
  63. #IgnoreRhosts yes
  64.  
  65. # To disable tunneled clear text passwords, change to no here!
  66. PasswordAuthentication no
  67. #PermitEmptyPasswords no
  68. # EC2 uses keys for remote access
  69. #PasswordAuthentication yes
  70.  
  71. # Change to no to disable s/key passwords
  72. #ChallengeResponseAuthentication yes
  73. ChallengeResponseAuthentication no
  74.  
  75. # Kerberos options
  76. #KerberosAuthentication no
  77. #KerberosOrLocalPasswd yes
  78. #KerberosTicketCleanup yes
  79. #KerberosGetAFSToken no
  80. #KerberosUseKuserok yes
  81.  
  82. # GSSAPI options
  83. #GSSAPIAuthentication no
  84. #GSSAPIAuthentication yes
  85. #GSSAPICleanupCredentials yes
  86. #GSSAPICleanupCredentials yes
  87. #GSSAPIStrictAcceptorCheck yes
  88. #GSSAPIKeyExchange no
  89.  
  90. # Set this to 'yes' to enable PAM authentication, account processing,
  91. # and session processing. If this is enabled, PAM authentication will
  92. # be allowed through the ChallengeResponseAuthentication and
  93. # PasswordAuthentication.  Depending on your PAM configuration,
  94. # PAM authentication via ChallengeResponseAuthentication may bypass
  95. # the setting of "PermitRootLogin without-password".
  96. # If you just want the PAM account and session checks to run without
  97. # PAM authentication, then enable this but set PasswordAuthentication
  98. # and ChallengeResponseAuthentication to 'no'.
  99. #UsePAM no
  100. # Leaving enabled as described so that account and session checks are run
  101. UsePAM yes
  102.  
  103. # Accept locale-related environment variables
  104. AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
  105. AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
  106. AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE
  107. AcceptEnv XMODIFIERS
  108.  
  109. #AllowAgentForwarding yes
  110. #AllowTcpForwarding yes
  111. #GatewayPorts no
  112. #X11Forwarding no
  113. X11Forwarding yes
  114. #X11DisplayOffset 10
  115. #X11UseLocalhost yes
  116. #PrintMotd yes
  117. #PrintLastLog yes
  118. # Explicitly enable
  119. PrintLastLog yes
  120. #TCPKeepAlive yes
  121. #UseLogin no
  122. #UsePrivilegeSeparation yes
  123. #PermitUserEnvironment no
  124. #Compression delayed
  125. #ClientAliveInterval 0
  126. #ClientAliveCountMax 3
  127. #ShowPatchLevel no
  128. #UseDNS yes
  129. #PidFile /var/run/sshd.pid
  130. #MaxStartups 10
  131. #PermitTunnel no
  132. #ChrootDirectory none
  133.  
  134. # no default banner path
  135. #Banner none
  136.  
  137. # override default of no subsystems
  138. Subsystem   sftp    /usr/libexec/openssh/sftp-server
  139.  
  140. # Example of overriding settings on a per-user basis
  141. #Match User anoncvs
  142. #   X11Forwarding no
  143. #   AllowTcpForwarding no
  144. #   ForceCommand cvs server
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!