diff options
author | Dag-Erling Smørgrav <des@FreeBSD.org> | 2004-01-07 11:10:17 +0000 |
---|---|---|
committer | Dag-Erling Smørgrav <des@FreeBSD.org> | 2004-01-07 11:10:17 +0000 |
commit | d95e11bf7e5a59b5c3f81bd8dfc2918ee7d3bada (patch) | |
tree | d7e09b6d73cb37aa875779151439b14df7273b87 /crypto/openssh/sshd_config | |
parent | dcf5581978ae9708715473af978f587c1ad7caf7 (diff) | |
download | src-d95e11bf7e5a59b5c3f81bd8dfc2918ee7d3bada.tar.gz src-d95e11bf7e5a59b5c3f81bd8dfc2918ee7d3bada.zip |
Vendor import of OpenSSH 3.7.1p2.
Notes
Notes:
svn path=/vendor-crypto/openssh/dist/; revision=124208
Diffstat (limited to 'crypto/openssh/sshd_config')
-rw-r--r-- | crypto/openssh/sshd_config | 35 |
1 files changed, 19 insertions, 16 deletions
diff --git a/crypto/openssh/sshd_config b/crypto/openssh/sshd_config index 36429c9d0c72..dd53f1057931 100644 --- a/crypto/openssh/sshd_config +++ b/crypto/openssh/sshd_config @@ -1,4 +1,4 @@ -# $OpenBSD: sshd_config,v 1.59 2002/09/25 11:17:16 markus Exp $ +# $OpenBSD: sshd_config,v 1.65 2003/08/28 12:54:34 markus Exp $ # This is the sshd server system-wide configuration file. See # sshd_config(5) for more information. @@ -22,7 +22,7 @@ #HostKey /etc/ssh/ssh_host_dsa_key # Lifetime and size of ephemeral version 1 server key -#KeyRegenerationInterval 3600 +#KeyRegenerationInterval 1h #ServerKeyBits 768 # Logging @@ -32,7 +32,7 @@ # Authentication: -#LoginGraceTime 120 +#LoginGraceTime 2m #PermitRootLogin yes #StrictModes yes @@ -40,10 +40,6 @@ #PubkeyAuthentication yes #AuthorizedKeysFile .ssh/authorized_keys -# rhosts authentication should not be used -#RhostsAuthentication no -# Don't read the user's ~/.rhosts and ~/.shosts files -#IgnoreRhosts yes # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts #RhostsRSAAuthentication no # similar for protocol version 2 @@ -51,6 +47,8 @@ # Change to yes if you don't trust ~/.ssh/known_hosts for # RhostsRSAAuthentication and HostbasedAuthentication #IgnoreUserKnownHosts no +# Don't read the user's ~/.rhosts and ~/.shosts files +#IgnoreRhosts yes # To disable tunneled clear text passwords, change to no here! #PasswordAuthentication yes @@ -64,15 +62,17 @@ #KerberosOrLocalPasswd yes #KerberosTicketCleanup yes -#AFSTokenPassing no +# GSSAPI options +#GSSAPIAuthentication no +#GSSAPICleanupCreds yes -# Kerberos TGT Passing only works with the AFS kaserver -#KerberosTgtPassing no - -# Set this to 'yes' to enable PAM keyboard-interactive authentication -# Warning: enabling this may bypass the setting of 'PasswordAuthentication' -#PAMAuthenticationViaKbdInt no +# Set this to 'yes' to enable PAM authentication (via challenge-response) +# and session processing. Depending on your PAM configuration, this may +# bypass the setting of 'PasswordAuthentication' +#UsePAM yes +#AllowTcpForwarding yes +#GatewayPorts no #X11Forwarding no #X11DisplayOffset 10 #X11UseLocalhost yes @@ -83,11 +83,14 @@ #UsePrivilegeSeparation yes #PermitUserEnvironment no #Compression yes - +#ClientAliveInterval 0 +#ClientAliveCountMax 3 +#UseDNS yes +#PidFile /var/run/sshd.pid #MaxStartups 10 + # no default banner path #Banner /some/path -#VerifyReverseMapping no # override default of no subsystems Subsystem sftp /usr/libexec/sftp-server |