Port 22Protocol 2HostKey /etc/ssh/ssh_host_rsa_keyAuthorizedKeysFile /e

1. Port 22
2. Protocol 2
3. HostKey /etc/ssh/ssh_host_rsa_key
4.  
5. AuthorizedKeysFile /etc/ssh/authorized_keys/%u
6.  
7. AllowGroups ssh
8.  
9. SyslogFacility AUTH
10. LogLevel VERBOSE
11. LoginGraceTime 120
12. StrictModes yes
13. IgnoreRhosts yes
14.  
15. UseDNS no
16.  
17. HostbasedAuthentication no
18. PermitRootLogin no
19. PermitEmptyPasswords no
20. X11Forwarding no
21. X11DisplayOffset 10
22. ChallengeResponseAuthentication no
23. KbdInteractiveAuthentication no
24. GSSAPIAuthentication no
25. KerberosAuthentication no
26. PrintMotd no
27. PrintLastLog yes
28. TCPKeepAlive yes
29. AcceptEnv LANG LC_*
30. Subsystem sftp internal-sftp
31. UsePAM yes
32.  
33. PubkeyAuthentication no
34. PasswordAuthentication no
35.  
36. Ciphers [email protected],[email protected],[email protected],aes256-ctr,aes192-ctr,aes128-ctr
37. KexAlgorithms [email protected],ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256
38. MACs [email protected],[email protected],[email protected],hmac-sha2-512,hmac-sha2-256,[email protected]
39.  
40. UsePrivilegeSeparation sandbox
41.  
42.  
43.  
44. # ACL here
45.  
46.  
47.  
48.  
49. #SFTP-only group creation, cause, don't want this in the user-config!
50. Match Group sftponly
51. ChrootDirectory %h
52. ForceCommand internal-sftp
53. AllowTcpForwarding no
54. PermitTunnel no
55. X11Forwarding no
56.  
57. #RSSH chrooting. Which provides a minimal shell for sftp, rsync, etc.
58. Match Group rsshonly
59. ChrootDirectory %h
60. X11Forwarding no
61. PermitTunnel no
62. AllowTcpForwarding no
63. X11Forwarding no