API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jun 28th, 2017
56
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 3.89 KB | None | 0 0
raw download clone embed print report
  1. # $OpenBSD: sshd_config,v 1.80 2008/07/02 02:24:18 djm Exp $
  2.  
  3. # This is the sshd server system-wide configuration file. See
  4. # sshd_config(5) for more information.
  5.  
  6. # This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin
  7.  
  8. # The strategy used for options in the default sshd_config shipped with
  9. # OpenSSH is to specify options with their default value where
  10. # possible, but leave them commented. Uncommented options change a
  11. # default value.
  12.  
  13. #Port 22
  14. #AddressFamily any
  15. ListenAddress 192.168.0.104
  16. #ListenAddress ::
  17.  
  18. # Disable legacy (protocol version 1) support in the server for new
  19. # installations. In future the default will change to require explicit
  20. # activation of protocol 1
  21. Protocol 2
  22.  
  23. # HostKey for protocol version 1
  24. #HostKey /etc/ssh/ssh_host_key
  25. # HostKeys for protocol version 2
  26. #HostKey /etc/ssh/ssh_host_rsa_key
  27. #HostKey /etc/ssh/ssh_host_dsa_key
  28.  
  29. # Lifetime and size of ephemeral version 1 server key
  30. #KeyRegenerationInterval 1h
  31. #ServerKeyBits 1024
  32.  
  33. # Logging
  34. # obsoletes QuietMode and FascistLogging
  35. #SyslogFacility AUTH
  36. SyslogFacility AUTHPRIV
  37. #LogLevel INFO
  38.  
  39. # Authentication:
  40.  
  41. #LoginGraceTime 2m
  42. #PermitRootLogin yes
  43. #StrictModes yes
  44. #MaxAuthTries 6
  45. #MaxSessions 10
  46.  
  47. #RSAAuthentication yes
  48. #PubkeyAuthentication yes
  49. #AuthorizedKeysFile .ssh/authorized_keys
  50. #PubkeyAgent none
  51. #PubkeyAgentRunAs nobody
  52.  
  53. # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
  54. #RhostsRSAAuthentication no
  55. # similar for protocol version 2
  56. #HostbasedAuthentication no
  57. # Change to yes if you don't trust ~/.ssh/known_hosts for
  58. # RhostsRSAAuthentication and HostbasedAuthentication
  59. #IgnoreUserKnownHosts no
  60. # Don't read the user's ~/.rhosts and ~/.shosts files
  61. #IgnoreRhosts yes
  62.  
  63. # To disable tunneled clear text passwords, change to no here!
  64. #PasswordAuthentication yes
  65. #PermitEmptyPasswords no
  66. PasswordAuthentication yes
  67.  
  68. # Change to no to disable s/key passwords
  69. #ChallengeResponseAuthentication yes
  70. ChallengeResponseAuthentication no
  71.  
  72. # Kerberos options
  73. #KerberosAuthentication no
  74. #KerberosOrLocalPasswd yes
  75. #KerberosTicketCleanup yes
  76. #KerberosGetAFSToken no
  77.  
  78. # GSSAPI options
  79. #GSSAPIAuthentication no
  80. GSSAPIAuthentication yes
  81. #GSSAPICleanupCredentials yes
  82. GSSAPICleanupCredentials yes
  83. #GSSAPIStrictAcceptorCheck yes
  84. #GSSAPIKeyExchange no
  85.  
  86. # Set this to 'yes' to enable PAM authentication, account processing,
  87. # and session processing. If this is enabled, PAM authentication will
  88. # be allowed through the ChallengeResponseAuthentication and
  89. # PasswordAuthentication. Depending on your PAM configuration,
  90. # PAM authentication via ChallengeResponseAuthentication may bypass
  91. # the setting of "PermitRootLogin without-password".
  92. # If you just want the PAM account and session checks to run without
  93. # PAM authentication, then enable this but set PasswordAuthentication
  94. # and ChallengeResponseAuthentication to 'no'.
  95. #UsePAM no
  96. UsePAM yes
  97.  
  98. # Accept locale-related environment variables
  99. AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
  100. AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
  101. AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE
  102. AcceptEnv XMODIFIERS
  103.  
  104. #AllowAgentForwarding yes
  105. #AllowTcpForwarding yes
  106. GatewayPorts clientspecified
  107. #X11Forwarding no
  108. X11Forwarding yes
  109. #X11DisplayOffset 10
  110. #X11UseLocalhost yes
  111. #PrintMotd yes
  112. #PrintLastLog yes
  113. #TCPKeepAlive yes
  114. #UseLogin no
  115. #UsePrivilegeSeparation yes
  116. #PermitUserEnvironment no
  117. #Compression delayed
  118. #ClientAliveInterval 0
  119. #ClientAliveCountMax 3
  120. #ShowPatchLevel no
  121. #UseDNS yes
  122. #PidFile /var/run/sshd.pid
  123. #MaxStartups 10
  124. #PermitTunnel no
  125. #ChrootDirectory none
  126.  
  127. # no default banner path
  128. #Banner none
  129.  
  130. # override default of no subsystems
  131. Subsystem sftp /usr/libexec/openssh/sftp-server
  132.  
  133. # Example of overriding settings on a per-user basis
  134. #Match User anoncvs
  135. # X11Forwarding no
  136. # AllowTcpForwarding no
  137. # ForceCommand cvs server
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!