1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
|
--- sshd_config.orig 2021-08-19 21:03:49.000000000 -0700
+++ sshd_config 2021-09-07 12:34:49.372652000 -0700
@@ -10,6 +10,9 @@
# possible, but leave them commented. Uncommented options override the
# default value.
+# Note that some of FreeBSD's defaults differ from OpenBSD's, and
+# FreeBSD has a few additional options.
+
#Port 22
#AddressFamily any
#ListenAddress 0.0.0.0
@@ -37,8 +40,7 @@
#PubkeyAuthentication yes
# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
-# but this is overridden so installations will only check .ssh/authorized_keys
-AuthorizedKeysFile .ssh/authorized_keys
+#AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys2
#AuthorizedPrincipalsFile none
@@ -53,8 +55,8 @@ AuthorizedKeysFile .ssh/authorized_keys
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes
-# To disable tunneled clear text passwords, change to no here!
-#PasswordAuthentication yes
+# To enable tunneled clear text passwords, change to yes here!
+#PasswordAuthentication no
#PermitEmptyPasswords no
# Change to no to disable s/key passwords
@@ -70,7 +72,7 @@ AuthorizedKeysFile .ssh/authorized_keys
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes
-# Set this to 'yes' to enable PAM authentication, account processing,
+# Set this to 'no' to disable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the KbdInteractiveAuthentication and
# PasswordAuthentication. Depending on your PAM configuration,
@@ -79,12 +81,12 @@ AuthorizedKeysFile .ssh/authorized_keys
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and KbdInteractiveAuthentication to 'no'.
-#UsePAM no
+#UsePAM yes
#AllowAgentForwarding yes
#AllowTcpForwarding yes
#GatewayPorts no
-#X11Forwarding no
+#X11Forwarding yes
#X11DisplayOffset 10
#X11UseLocalhost yes
#PermitTTY yes
|