API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jul 6th, 2014
240
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 3.82 KB | None | 0 0
raw download clone embed print report
  1. [saint@saint-raspberrypi ~]$ cat /etc/ssh/sshd_config
  2. # $OpenBSD: sshd_config,v 1.93 2014/01/10 05:59:19 djm Exp $
  3.  
  4. # This is the sshd server system-wide configuration file. See
  5. # sshd_config(5) for more information.
  6.  
  7. # This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
  8.  
  9. # The strategy used for options in the default sshd_config shipped with
  10. # OpenSSH is to specify options with their default value where
  11. # possible, but leave them commented. Uncommented options override the
  12. # default value.
  13.  
  14. #Port 22
  15. #AddressFamily any
  16. #ListenAddress 0.0.0.0
  17. #ListenAddress ::
  18.  
  19. # The default requires explicit activation of protocol 1
  20. #Protocol 2
  21.  
  22. # HostKey for protocol version 1
  23. #HostKey /etc/ssh/ssh_host_key
  24. # HostKeys for protocol version 2
  25. #HostKey /etc/ssh/ssh_host_rsa_key
  26. #HostKey /etc/ssh/ssh_host_dsa_key
  27. #HostKey /etc/ssh/ssh_host_ecdsa_key
  28. #HostKey /etc/ssh/ssh_host_ed25519_key
  29.  
  30. # Lifetime and size of ephemeral version 1 server key
  31. #KeyRegenerationInterval 1h
  32. #ServerKeyBits 1024
  33.  
  34. # Ciphers and keying
  35. #RekeyLimit default none
  36.  
  37. # Logging
  38. # obsoletes QuietMode and FascistLogging
  39. #SyslogFacility AUTH
  40. #LogLevel INFO
  41.  
  42. # Authentication:
  43.  
  44. #LoginGraceTime 2m
  45. PermitRootLogin no
  46. #StrictModes yes
  47. #MaxAuthTries 6
  48. #MaxSessions 10
  49.  
  50. #RSAAuthentication yes
  51. #PubkeyAuthentication yes
  52.  
  53. # The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
  54. # but this is overridden so installations will only check .ssh/authorized_keys
  55. AuthorizedKeysFile .ssh/authorized_keys
  56.  
  57. #AuthorizedPrincipalsFile none
  58.  
  59. #AuthorizedKeysCommand none
  60. #AuthorizedKeysCommandUser nobody
  61.  
  62. # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
  63. #RhostsRSAAuthentication no
  64. # similar for protocol version 2
  65. #HostbasedAuthentication no
  66. # Change to yes if you don't trust ~/.ssh/known_hosts for
  67. # RhostsRSAAuthentication and HostbasedAuthentication
  68. #IgnoreUserKnownHosts no
  69. # Don't read the user's ~/.rhosts and ~/.shosts files
  70. #IgnoreRhosts yes
  71.  
  72. # To disable tunneled clear text passwords, change to no here!
  73. PasswordAuthentication no
  74. #PermitEmptyPasswords no
  75.  
  76. # Change to no to disable s/key passwords
  77. ChallengeResponseAuthentication no
  78.  
  79. # Kerberos options
  80. #KerberosAuthentication no
  81. #KerberosOrLocalPasswd yes
  82. #KerberosTicketCleanup yes
  83. #KerberosGetAFSToken no
  84.  
  85. # GSSAPI options
  86. #GSSAPIAuthentication no
  87. #GSSAPICleanupCredentials yes
  88.  
  89. # Set this to 'yes' to enable PAM authentication, account processing,
  90. # and session processing. If this is enabled, PAM authentication will
  91. # be allowed through the ChallengeResponseAuthentication and
  92. # PasswordAuthentication. Depending on your PAM configuration,
  93. # PAM authentication via ChallengeResponseAuthentication may bypass
  94. # the setting of "PermitRootLogin without-password".
  95. # If you just want the PAM account and session checks to run without
  96. # PAM authentication, then enable this but set PasswordAuthentication
  97. # and ChallengeResponseAuthentication to 'no'.
  98. UsePAM yes
  99.  
  100. #AllowAgentForwarding yes
  101. #AllowTcpForwarding yes
  102. #GatewayPorts no
  103. #X11Forwarding no
  104. #X11DisplayOffset 10
  105. #X11UseLocalhost yes
  106. #PermitTTY yes
  107. PrintMotd no # pam does that
  108. #PrintLastLog yes
  109. #TCPKeepAlive yes
  110. #UseLogin no
  111. UsePrivilegeSeparation sandbox # Default for new installations.
  112. #PermitUserEnvironment no
  113. #Compression delayed
  114. #ClientAliveInterval 0
  115. #ClientAliveCountMax 3
  116. #UseDNS yes
  117. #PidFile /run/sshd.pid
  118. #MaxStartups 10:30:100
  119. #PermitTunnel no
  120. #ChrootDirectory none
  121. #VersionAddendum none
  122.  
  123. # no default banner path
  124. Banner /etc/ssh/ssh_banner
  125.  
  126. # override default of no subsystems
  127. Subsystem sftp /usr/lib/ssh/sftp-server
  128.  
  129. # Example of overriding settings on a per-user basis
  130. #Match User anoncvs
  131. # X11Forwarding no
  132. # AllowTcpForwarding no
  133. # PermitTTY no
  134. # ForceCommand cvs server
  135.  
  136. # Set this to control user access
  137. AllowUsers saint
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!