API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Dec 7th, 2013
129
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 3.92 KB | None | 0 0
raw download clone embed print report
  1. # $OpenBSD: sshd_config,v 1.80 2008/07/02 02:24:18 djm Exp $
  2.  
  3. # This is the sshd server system-wide configuration file. See
  4. # sshd_config(5) for more information.
  5.  
  6. # This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin
  7.  
  8. # The strategy used for options in the default sshd_config shipped with
  9. # OpenSSH is to specify options with their default value where
  10. # possible, but leave them commented. Uncommented options change a
  11. # default value.
  12.  
  13. #Port 22
  14. #AddressFamily any
  15. #ListenAddress 0.0.0.0
  16. #ListenAddress ::
  17.  
  18. # Disable legacy (protocol version 1) support in the server for new
  19. # installations. In future the default will change to require explicit
  20. # activation of protocol 1
  21. Protocol 2
  22.  
  23. # HostKey for protocol version 1
  24. #HostKey /etc/ssh/ssh_host_key
  25. # HostKeys for protocol version 2
  26. #HostKey /etc/ssh/ssh_host_rsa_key
  27. #HostKey /etc/ssh/ssh_host_dsa_key
  28.  
  29. # Lifetime and size of ephemeral version 1 server key
  30. #KeyRegenerationInterval 1h
  31. #ServerKeyBits 1024
  32.  
  33. # Logging
  34. # obsoletes QuietMode and FascistLogging
  35. #SyslogFacility AUTH
  36. SyslogFacility AUTHPRIV
  37. #LogLevel INFO
  38.  
  39. # Authentication:
  40.  
  41. #LoginGraceTime 2m
  42. #PermitRootLogin yes
  43. #StrictModes yes
  44. #MaxAuthTries 6
  45. #MaxSessions 10
  46.  
  47. #RSAAuthentication yes
  48. PubkeyAuthentication no
  49. #AuthorizedKeysFile .ssh/authorized_keys
  50. #AuthorizedKeysCommand none
  51. #AuthorizedKeysCommandRunAs nobody
  52.  
  53. # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
  54. #RhostsRSAAuthentication no
  55. # similar for protocol version 2
  56. #HostbasedAuthentication no
  57. # Change to yes if you don't trust ~/.ssh/known_hosts for
  58. # RhostsRSAAuthentication and HostbasedAuthentication
  59. #IgnoreUserKnownHosts no
  60. # Don't read the user's ~/.rhosts and ~/.shosts files
  61. #IgnoreRhosts yes
  62.  
  63. # To disable tunneled clear text passwords, change to no here!
  64. #PasswordAuthentication yes
  65. #PermitEmptyPasswords no
  66. PasswordAuthentication yes
  67.  
  68. # Change to no to disable s/key passwords
  69. ChallengeResponseAuthentication yes
  70. #ChallengeResponseAuthentication no
  71.  
  72. # Kerberos options
  73. #KerberosAuthentication no
  74. #KerberosOrLocalPasswd yes
  75. #KerberosTicketCleanup yes
  76. #KerberosGetAFSToken no
  77. #KerberosUseKuserok yes
  78.  
  79. # GSSAPI options
  80. #GSSAPIAuthentication no
  81. GSSAPIAuthentication yes
  82. #GSSAPICleanupCredentials yes
  83. GSSAPICleanupCredentials yes
  84. #GSSAPIStrictAcceptorCheck yes
  85. #GSSAPIKeyExchange no
  86.  
  87. # Set this to 'yes' to enable PAM authentication, account processing,
  88. # and session processing. If this is enabled, PAM authentication will
  89. # be allowed through the ChallengeResponseAuthentication and
  90. # PasswordAuthentication. Depending on your PAM configuration,
  91. # PAM authentication via ChallengeResponseAuthentication may bypass
  92. # the setting of "PermitRootLogin without-password".
  93. # If you just want the PAM account and session checks to run without
  94. # PAM authentication, then enable this but set PasswordAuthentication
  95. # and ChallengeResponseAuthentication to 'no'.
  96. #UsePAM no
  97. UsePAM yes
  98.  
  99. # Accept locale-related environment variables
  100. AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
  101. AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
  102. AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE
  103. AcceptEnv XMODIFIERS
  104.  
  105. #AllowAgentForwarding yes
  106. #AllowTcpForwarding yes
  107. #GatewayPorts no
  108. #X11Forwarding no
  109. X11Forwarding no
  110. #X11DisplayOffset 10
  111. #X11UseLocalhost yes
  112. #PrintMotd yes
  113. #PrintLastLog yes
  114. #TCPKeepAlive yes
  115. #UseLogin no
  116. #UsePrivilegeSeparation yes
  117. #PermitUserEnvironment no
  118. #Compression delayed
  119. #ClientAliveInterval 0
  120. #ClientAliveCountMax 3
  121. #ShowPatchLevel no
  122. #UseDNS yes
  123. #PidFile /var/run/sshd.pid
  124. #MaxStartups 10
  125. #PermitTunnel no
  126. #ChrootDirectory none
  127.  
  128. # no default banner path
  129. #Banner none
  130.  
  131. # override default of no subsystems
  132. Subsystem sftp /usr/libexec/openssh/sftp-server
  133.  
  134. # Example of overriding settings on a per-user basis
  135. #Match User anoncvs
  136. # X11Forwarding no
  137. # AllowTcpForwarding no
  138. # ForceCommand cvs server
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!