mensoda

Raspberry Pi OS Lite cat /etc/ssh/sshd_config

Jun 14th, 2021
750
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. pi@raspberrypi:~ $ cat /etc/ssh/sshd_config
  2. #   $OpenBSD: sshd_config,v 1.103 2018/04/09 20:41:22 tj Exp $
  3.  
  4. # This is the sshd server system-wide configuration file.  See
  5. # sshd_config(5) for more information.
  6.  
  7. # This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
  8.  
  9. # The strategy used for options in the default sshd_config shipped with
  10. # OpenSSH is to specify options with their default value where
  11. # possible, but leave them commented.  Uncommented options override the
  12. # default value.
  13.  
  14. #Port 22
  15. #AddressFamily any
  16. #ListenAddress 0.0.0.0
  17. #ListenAddress ::
  18.  
  19. #HostKey /etc/ssh/ssh_host_rsa_key
  20. #HostKey /etc/ssh/ssh_host_ecdsa_key
  21. #HostKey /etc/ssh/ssh_host_ed25519_key
  22.  
  23. # Ciphers and keying
  24. #RekeyLimit default none
  25.  
  26. # Logging
  27. #SyslogFacility AUTH
  28. #LogLevel INFO
  29.  
  30. # Authentication:
  31.  
  32. #LoginGraceTime 2m
  33. #PermitRootLogin prohibit-password
  34. #StrictModes yes
  35. #MaxAuthTries 6
  36. #MaxSessions 10
  37.  
  38. #PubkeyAuthentication yes
  39.  
  40. # Expect .ssh/authorized_keys2 to be disregarded by default in future.
  41. #AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys2
  42.  
  43. #AuthorizedPrincipalsFile none
  44.  
  45. #AuthorizedKeysCommand none
  46. #AuthorizedKeysCommandUser nobody
  47.  
  48. # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
  49. #HostbasedAuthentication no
  50. # Change to yes if you don't trust ~/.ssh/known_hosts for
  51. # HostbasedAuthentication
  52. #IgnoreUserKnownHosts no
  53. # Don't read the user's ~/.rhosts and ~/.shosts files
  54. #IgnoreRhosts yes
  55.  
  56. # To disable tunneled clear text passwords, change to no here!
  57. #PasswordAuthentication yes
  58. #PermitEmptyPasswords no
  59.  
  60. # Change to yes to enable challenge-response passwords (beware issues with
  61. # some PAM modules and threads)
  62. ChallengeResponseAuthentication no
  63.  
  64. # Kerberos options
  65. #KerberosAuthentication no
  66. #KerberosOrLocalPasswd yes
  67. #KerberosTicketCleanup yes
  68. #KerberosGetAFSToken no
  69.  
  70. # GSSAPI options
  71. #GSSAPIAuthentication no
  72. #GSSAPICleanupCredentials yes
  73. #GSSAPIStrictAcceptorCheck yes
  74. #GSSAPIKeyExchange no
  75.  
  76. # Set this to 'yes' to enable PAM authentication, account processing,
  77. # and session processing. If this is enabled, PAM authentication will
  78. # be allowed through the ChallengeResponseAuthentication and
  79. # PasswordAuthentication.  Depending on your PAM configuration,
  80. # PAM authentication via ChallengeResponseAuthentication may bypass
  81. # the setting of "PermitRootLogin without-password".
  82. # If you just want the PAM account and session checks to run without
  83. # PAM authentication, then enable this but set PasswordAuthentication
  84. # and ChallengeResponseAuthentication to 'no'.
  85. UsePAM yes
  86.  
  87. #AllowAgentForwarding yes
  88. #AllowTcpForwarding yes
  89. #GatewayPorts no
  90. X11Forwarding yes
  91. #X11DisplayOffset 10
  92. #X11UseLocalhost yes
  93. #PermitTTY yes
  94. PrintMotd no
  95. #PrintLastLog yes
  96. #TCPKeepAlive yes
  97. #PermitUserEnvironment no
  98. #Compression delayed
  99. #ClientAliveInterval 0
  100. #ClientAliveCountMax 3
  101. #UseDNS no
  102. #PidFile /var/run/sshd.pid
  103. #MaxStartups 10:30:100
  104. #PermitTunnel no
  105. #ChrootDirectory none
  106. #VersionAddendum none
  107.  
  108. # no default banner path
  109. #Banner none
  110.  
  111. # Allow client to pass locale environment variables
  112. AcceptEnv LANG LC_*
  113.  
  114. # override default of no subsystems
  115. Subsystem   sftp    /usr/lib/openssh/sftp-server
  116.  
  117. # Example of overriding settings on a per-user basis
  118. #Match User anoncvs
  119. #   X11Forwarding no
  120. #   AllowTcpForwarding no
  121. #   PermitTTY no
  122. #   ForceCommand cvs server
  123. pi@raspberrypi:~ $ lsb_release -a
  124. No LSB modules are available.
  125. Distributor ID: Raspbian
  126. Description:    Raspbian GNU/Linux 10 (buster)
  127. Release:    10
  128. Codename:   buster
  129. pi@raspberrypi:~ $ cat /etc/*release
  130. PRETTY_NAME="Raspbian GNU/Linux 10 (buster)"
  131. NAME="Raspbian GNU/Linux"
  132. VERSION_ID="10"
  133. VERSION="10 (buster)"
  134. VERSION_CODENAME=buster
  135. ID=raspbian
  136. ID_LIKE=debian
  137. HOME_URL="http://www.raspbian.org/"
  138. SUPPORT_URL="http://www.raspbian.org/RaspbianForums"
  139. BUG_REPORT_URL="http://www.raspbian.org/RaspbianBugs"
  140. pi@raspberrypi:~ $ cat /etc/issue*
  141. Raspbian GNU/Linux 10 \n \l
  142.  
  143. Raspbian GNU/Linux 10
  144. pi@raspberrypi:~ $ cat /proc/version
  145. Linux version 5.10.17-v7l+ (dom@buildbot) (arm-linux-gnueabihf-gcc-8 (Ubuntu/Linaro 8.4.0-3ubuntu1) 8.4.0, GNU ld (GNU Binutils for Ubuntu) 2.34) #1414 SMP Fri Apr 30 13:20:47 BST 2021
  146. pi@raspberrypi:~ $
RAW Paste Data