| @@ -1,14 +1,14 @@ | | | @@ -1,14 +1,14 @@ |
1 | # $NetBSD: sshd_config,v 1.26 2021/09/02 11:26:18 christos Exp $ | | 1 | # $NetBSD: sshd_config,v 1.27 2021/11/27 23:22:25 he Exp $ |
2 | # $OpenBSD: sshd_config,v 1.104 2021/07/02 05:11:21 dtucker Exp $ | | 2 | # $OpenBSD: sshd_config,v 1.104 2021/07/02 05:11:21 dtucker Exp $ |
3 | | | 3 | |
4 | # This is the sshd server system-wide configuration file. See | | 4 | # This is the sshd server system-wide configuration file. See |
5 | # sshd_config(5) for more information. | | 5 | # sshd_config(5) for more information. |
6 | | | 6 | |
7 | # The strategy used for options in the default sshd_config shipped with | | 7 | # The strategy used for options in the default sshd_config shipped with |
8 | # OpenSSH is to specify options with their default value where | | 8 | # OpenSSH is to specify options with their default value where |
9 | # possible, but leave them commented. Uncommented options override the | | 9 | # possible, but leave them commented. Uncommented options override the |
10 | # default value. | | 10 | # default value. |
11 | | | 11 | |
12 | #Port 22 | | 12 | #Port 22 |
13 | #AddressFamily any | | 13 | #AddressFamily any |
14 | #ListenAddress 0.0.0.0 | | 14 | #ListenAddress 0.0.0.0 |
| @@ -62,33 +62,33 @@ AuthorizedKeysFile .ssh/authorized_keys | | | @@ -62,33 +62,33 @@ AuthorizedKeysFile .ssh/authorized_keys |
62 | | | 62 | |
63 | # Kerberos options | | 63 | # Kerberos options |
64 | #KerberosAuthentication no | | 64 | #KerberosAuthentication no |
65 | #KerberosOrLocalPasswd yes | | 65 | #KerberosOrLocalPasswd yes |
66 | #KerberosTicketCleanup yes | | 66 | #KerberosTicketCleanup yes |
67 | #KerberosGetAFSToken no | | 67 | #KerberosGetAFSToken no |
68 | | | 68 | |
69 | # GSSAPI options | | 69 | # GSSAPI options |
70 | #GSSAPIAuthentication no | | 70 | #GSSAPIAuthentication no |
71 | #GSSAPICleanupCredentials yes | | 71 | #GSSAPICleanupCredentials yes |
72 | | | 72 | |
73 | # Set this to 'yes' to enable PAM authentication, account processing, | | 73 | # Set this to 'yes' to enable PAM authentication, account processing, |
74 | # and session processing. If this is enabled, PAM authentication will | | 74 | # and session processing. If this is enabled, PAM authentication will |
75 | # be allowed through the ChallengeResponseAuthentication and | | 75 | # be allowed through the KbdInteractiveAuthentication and |
76 | # PasswordAuthentication. Depending on your PAM configuration, | | 76 | # PasswordAuthentication settings. Depending on your PAM configuration, |
77 | # PAM authentication via ChallengeResponseAuthentication may bypass | | 77 | # PAM authentication via KbdInteractiveAuthentication may bypass |
78 | # the setting of "PermitRootLogin without-password". | | 78 | # the setting of "PermitRootLogin without-password". |
79 | # If you just want the PAM account and session checks to run without | | 79 | # If you just want the PAM account and session checks to run without |
80 | # PAM authentication, then enable this but set PasswordAuthentication | | 80 | # PAM authentication, then enable this but set PasswordAuthentication |
81 | # and ChallengeResponseAuthentication to 'no'. | | 81 | # and KbdInteractiveAuthentication to 'no'. |
82 | UsePAM yes | | 82 | UsePAM yes |
83 | | | 83 | |
84 | #AllowAgentForwarding yes | | 84 | #AllowAgentForwarding yes |
85 | #AllowTcpForwarding yes | | 85 | #AllowTcpForwarding yes |
86 | #GatewayPorts no | | 86 | #GatewayPorts no |
87 | #X11Forwarding no | | 87 | #X11Forwarding no |
88 | # If you use xorg from pkgsrc then uncomment the following line. | | 88 | # If you use xorg from pkgsrc then uncomment the following line. |
89 | #XAuthLocation /usr/pkg/bin/xauth | | 89 | #XAuthLocation /usr/pkg/bin/xauth |
90 | #X11DisplayOffset 10 | | 90 | #X11DisplayOffset 10 |
91 | #X11UseLocalhost yes | | 91 | #X11UseLocalhost yes |
92 | #PermitTTY yes | | 92 | #PermitTTY yes |
93 | #PrintMotd yes | | 93 | #PrintMotd yes |
94 | #PrintLastLog yes | | 94 | #PrintLastLog yes |