/etc/ssh/sshd_config

1. #   $OpenBSD: sshd_config,v 1.93 2014/01/10 05:59:19 djm Exp $
2.  
3. # This is the sshd server system-wide configuration file.  See
4. # sshd_config(5) for more information.
5.  
6. # This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
7.  
8. # The strategy used for options in the default sshd_config shipped with
9. # OpenSSH is to specify options with their default value where
10. # possible, but leave them commented.  Uncommented options override the
11. # default value.
12. #Host *
13. AllowUsers spot root #added by s243a http://murga-linux.com/puppy/viewtopic.php?p=950757#950757
14. Port 22 #Uncommented by s243a
15. AddressFamily inet #Uncommented by s243a (Maybe change to AddressFamily inet)
16. ListenAddress 0.0.0.0 #Uncommented by s243a 192.168.1.8 #
17. #ListenAddress :: #Uncommented by s243a
18.  
19. # The default requires explicit activation of protocol 1
20. #Protocol 1
21. Protocol 1,2
22.  
23. # HostKey for protocol version 1
24. HostKey /etc/ssh/ssh_host_key
25. # HostKeys for protocol version 2
26. HostKey /etc/ssh/ssh_host_rsa_key
27. HostKey /etc/ssh/ssh_host_dsa_key
28. HostKey /etc/ssh/ssh_host_ecdsa_key
29. HostKey /etc/ssh/ssh_host_ed25519_key
30.  
31. # Lifetime and size of ephemeral version 1 server key
32. KeyRegenerationInterval 1h
33. ServerKeyBits 1024
34.  
35. # Ciphers and keying
36. #RekeyLimit default none
37. #Ciphers blowfish-cbc
38.  
39. # Logging
40. # obsoletes QuietMode and FascistLogging
41. SyslogFacility AUTHPRIV
42. #LogLevel INFO
43. LogLevel VERBOSE #INFO
44.  
45. # Authentication:
46.  
47. LoginGraceTime 2m
48. # See /usr/share/doc/openssh-server/README.Debian.gz.
49. PermitRootLogin yes #Uncommented by s243a http://murga-linux.com/puppy/viewtopic.php?p=950760#950760
50. #StrictModes yes
51. #MaxAuthTries 6
52. #MaxSessions 10
53.  
54. RSAAuthentication yes
55. PubkeyAuthentication yes
56.  
57. # The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
58. # but this is overridden so installations will only check .ssh/authorized_keys
59. AuthorizedKeysFile  .ssh/authorized_keys
60.  
61. #AuthorizedPrincipalsFile none
62.  
63. #AuthorizedKeysCommand none
64. #AuthorizedKeysCommandUser nobody
65.  
66. # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
67. #RhostsRSAAuthentication no
68. # similar for protocol version 2
69. #HostbasedAuthentication no
70. # Change to yes if you don't trust ~/.ssh/known_hosts for
71. # RhostsRSAAuthentication and HostbasedAuthentication
72. #IgnoreUserKnownHosts no
73. # Don't read the user's ~/.rhosts and ~/.shosts files
74. #IgnoreRhosts yes
75.  
76. # To disable tunneled clear text passwords, change to no here!
77. #PasswordAuthentication yes
78. #PermitEmptyPasswords no
79.  
80. # Change to no to disable s/key passwords
81. #ChallengeResponseAuthentication yes
82.  
83. # Kerberos options
84. #KerberosAuthentication no
85. #KerberosOrLocalPasswd yes
86. #KerberosTicketCleanup yes
87. #KerberosGetAFSToken no
88.  
89. # GSSAPI options
90. #GSSAPIAuthentication no
91. #GSSAPICleanupCredentials yes
92. #GSSAPIStrictAcceptorCheck yes
93. #GSSAPIKeyExchange no
94.  
95. # Set this to 'yes' to enable PAM authentication, account processing,
96. # and session processing. If this is enabled, PAM authentication will
97. # be allowed through the ChallengeResponseAuthentication and
98. # PasswordAuthentication.  Depending on your PAM configuration,
99. # PAM authentication via ChallengeResponseAuthentication may bypass
100. # the setting of "PermitRootLogin without-password".
101. # If you just want the PAM account and session checks to run without
102. # PAM authentication, then enable this but set PasswordAuthentication
103. # and ChallengeResponseAuthentication to 'no'.
104. #UsePAM no
105.  
106. AllowAgentForwarding yes
107. AllowTcpForwarding yes #Uncommented by s243a http://murga-linux.com/puppy/viewtopic.php?p=950764#950764
108. GatewayPorts yes
109. X11Forwarding yes
110. X11DisplayOffset 10
111. X11UseLocalhost no
112. XAuthLocation /usr/bin/xauth  #/usr/bin/X11/xauth  /root/.Xauthority
113. PermitTTY yes
114. PrintMotd yes
115. PrintLastLog yes
116. TCPKeepAlive yes #uncommented by s243a http://murga-linux.com/puppy/viewtopic.php?p=950764#950764
117. UseLogin yes
118. #UsePrivilegeSeparation sandbox     # Default for new installations.
119. #PermitUserEnvironment no
120. Compression delayed
121. #ClientAliveInterval 0
122. #ClientAliveCountMax 3
123. #UseDNS yes
124. PidFile /var/run/sshd.pid
125. #MaxStartups 10:30:100
126. PermitTunnel yes
127. #ChrootDirectory none
128. #VersionAddendum none
129.  
130. # no default banner path
131. #Banner none
132.  
133. # override default of no subsystems
134. #Subsystem  sftp    /usr/libexec/sftp-server
135.  
136. # Example of overriding settings on a per-user basis
137. #Match User anoncvs
138. #   X11Forwarding yes
139. #   AllowTcpForwarding yes
140. #   PermitTTY no
141. #   ForceCommand cvs server
142.  
143.  #added by s243a http://murga-linux.com/puppy/viewtopic.php?p=950760#950760