1511b41d2SMark Murray# This is ssh server systemwide configuration file. 2511b41d2SMark Murray 3511b41d2SMark MurrayPort 22 4511b41d2SMark Murray#ListenAddress 0.0.0.0 5511b41d2SMark Murray#ListenAddress :: 6511b41d2SMark MurrayHostKey /etc/ssh_host_key 7511b41d2SMark MurrayServerKeyBits 768 8511b41d2SMark MurrayLoginGraceTime 600 9511b41d2SMark MurrayKeyRegenerationInterval 3600 10511b41d2SMark MurrayPermitRootLogin yes 11511b41d2SMark Murray# 12511b41d2SMark Murray# Don't read ~/.rhosts and ~/.shosts files 13511b41d2SMark MurrayIgnoreRhosts yes 14511b41d2SMark Murray# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication 15511b41d2SMark Murray#IgnoreUserKnownHosts yes 16511b41d2SMark MurrayStrictModes yes 17511b41d2SMark MurrayX11Forwarding no 18511b41d2SMark MurrayX11DisplayOffset 10 19511b41d2SMark MurrayPrintMotd yes 20511b41d2SMark MurrayKeepAlive yes 21511b41d2SMark Murray 22511b41d2SMark Murray# Logging 23511b41d2SMark MurraySyslogFacility AUTH 24511b41d2SMark MurrayLogLevel INFO 25511b41d2SMark Murray#obsoletes QuietMode and FascistLogging 26511b41d2SMark Murray 27511b41d2SMark MurrayRhostsAuthentication no 28511b41d2SMark Murray# 29511b41d2SMark Murray# For this to work you will also need host keys in /etc/ssh_known_hosts 30511b41d2SMark MurrayRhostsRSAAuthentication no 31511b41d2SMark Murray# 32511b41d2SMark MurrayRSAAuthentication yes 33511b41d2SMark Murray 34511b41d2SMark Murray# To disable tunneled clear text passwords, change to no here! 35511b41d2SMark MurrayPasswordAuthentication yes 36511b41d2SMark MurrayPermitEmptyPasswords no 37511b41d2SMark Murray# Uncomment to disable s/key passwords 38511b41d2SMark Murray#SkeyAuthentication no 39511b41d2SMark Murray 40511b41d2SMark Murray# To change Kerberos options 41511b41d2SMark Murray#KerberosAuthentication no 42511b41d2SMark Murray#KerberosOrLocalPasswd yes 43511b41d2SMark Murray#AFSTokenPassing no 44511b41d2SMark Murray#KerberosTicketCleanup no 45511b41d2SMark Murray 46511b41d2SMark Murray# Kerberos TGT Passing does only work with the AFS kaserver 47511b41d2SMark Murray#KerberosTgtPassing yes 48511b41d2SMark Murray 49511b41d2SMark Murray#CheckMail yes 50511b41d2SMark Murray#UseLogin no 51