API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jul 21st, 2017
53
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.41 KB | None | 0 0
raw download clone embed print report
  1. # Package generated configuration file
  2. # See the sshd_config(5) manpage for details
  3.  
  4. # What ports, IPs and protocols we listen for
  5. Port 1322
  6. # Use these options to restrict which interfaces/protocols sshd will bind to
  7. #ListenAddress ::
  8. #ListenAddress 0.0.0.0
  9. Protocol 2
  10. # HostKeys for protocol version 2
  11. HostKey /etc/ssh/ssh_host_rsa_key
  12. HostKey /etc/ssh/ssh_host_dsa_key
  13. #Privilege Separation is turned on for security
  14. UsePrivilegeSeparation yes
  15.  
  16. # Lifetime and size of ephemeral version 1 server key
  17. KeyRegenerationInterval 3600
  18. ServerKeyBits 768
  19.  
  20. # Logging
  21. SyslogFacility AUTH
  22. LogLevel INFO
  23.  
  24. # Authentication:
  25. LoginGraceTime 120
  26. PermitRootLogin no
  27. StrictModes yes
  28.  
  29. RSAAuthentication yes
  30. PubkeyAuthentication yes
  31. #AuthorizedKeysFile %h/.ssh/authorized_keys
  32.  
  33. # Don't read the user's ~/.rhosts and ~/.shosts files
  34. IgnoreRhosts yes
  35. # For this to work you will also need host keys in /etc/ssh_known_hosts
  36. RhostsRSAAuthentication no
  37. # similar for protocol version 2
  38. HostbasedAuthentication no
  39. # Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
  40. #IgnoreUserKnownHosts yes
  41.  
  42. # To enable empty passwords, change to yes (NOT RECOMMENDED)
  43. PermitEmptyPasswords no
  44.  
  45. # Change to yes to enable challenge-response passwords (beware issues with
  46. # some PAM modules and threads)
  47. ChallengeResponseAuthentication no
  48.  
  49. # Change to no to disable tunnelled clear text passwords
  50. #PasswordAuthentication yes
  51.  
  52. # Kerberos options
  53. #KerberosAuthentication no
  54. #KerberosGetAFSToken no
  55. #KerberosOrLocalPasswd yes
  56. #KerberosTicketCleanup yes
  57.  
  58. # GSSAPI options
  59. #GSSAPIAuthentication no
  60. #GSSAPICleanupCredentials yes
  61.  
  62. X11Forwarding yes
  63. X11DisplayOffset 10
  64. PrintMotd no
  65. PrintLastLog yes
  66. TCPKeepAlive yes
  67. #UseLogin no
  68.  
  69. #MaxStartups 10:30:60
  70. #Banner /etc/issue.net
  71.  
  72. # Allow client to pass locale environment variables
  73. AcceptEnv LANG LC_*
  74.  
  75. Subsystem sftp /usr/lib/openssh/sftp-server
  76.  
  77. # Set this to 'yes' to enable PAM authentication, account processing,
  78. # and session processing. If this is enabled, PAM authentication will
  79. # be allowed through the ChallengeResponseAuthentication and
  80. # PasswordAuthentication. Depending on your PAM configuration,
  81. # PAM authentication via ChallengeResponseAuthentication may bypass
  82. # the setting of "PermitRootLogin without-password".
  83. # If you just want the PAM account and session checks to run without
  84. # PAM authentication, then enable this but set PasswordAuthentication
  85. # and ChallengeResponseAuthentication to 'no'.
  86. UsePAM yes
  87. AllowUsers publius
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!