summaryrefslogtreecommitdiff
path: root/sshd_config.in
diff options
context:
space:
mode:
Diffstat (limited to 'sshd_config.in')
-rw-r--r--sshd_config.in59
1 files changed, 59 insertions, 0 deletions
diff --git a/sshd_config.in b/sshd_config.in
new file mode 100644
index 00000000..63e3d982
--- /dev/null
+++ b/sshd_config.in
@@ -0,0 +1,59 @@
+# This is ssh server systemwide configuration file.
+
+Port 22
+ListenAddress 0.0.0.0
+HostKey @sysconfdir@/ssh_host_key
+ServerKeyBits 768
+LoginGraceTime 600
+KeyRegenerationInterval 3600
+PermitRootLogin yes
+StrictModes yes
+X11Forwarding no
+X11DisplayOffset 10
+PrintMotd yes
+KeepAlive yes
+CheckMail no
+UseLogin no
+
+#
+# Loglevel replaces QuietMode and FascistLogging
+#
+SyslogFacility AUTH
+LogLevel INFO
+
+#
+# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
+#
+RhostsRSAAuthentication no
+
+#
+# Don't read ~/.rhosts and ~/.shosts files
+#
+IgnoreRhosts yes
+RhostsAuthentication no
+
+#
+# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
+#
+#IgnoreUserKnownHosts yes
+
+RSAAuthentication yes
+
+# To disable tunneled clear text passwords, change to no here!
+PasswordAuthentication yes
+PermitEmptyPasswords no
+
+#
+# Uncomment to disable s/key passwords (must be compiled with s/key support)
+#
+#SkeyAuthentication no
+
+#
+# To change Kerberos options (must be compiled with Kerberos support)
+#
+#KerberosAuthentication no
+#KerberosOrLocalPasswd yes
+#AFSTokenPassing no
+#KerberosTicketCleanup no
+# Kerberos TGT Passing does only work with the AFS kaserver
+#KerberosTgtPassing yes