diff options
author | Andreas Baumann <mail@andreasbaumann.cc> | 2017-04-14 09:02:57 +0200 |
---|---|---|
committer | Andreas Baumann <mail@andreasbaumann.cc> | 2017-04-14 09:02:57 +0200 |
commit | 645549be49e99ad6976e0fc0829800427befab57 (patch) | |
tree | 4b654b5a1209e01afd57923aa37481beda9116c4 /template/etc/ssh/sshd_config | |
parent | e9e2724a5cf2e6a34eb0c26aea8e0d5e64279411 (diff) | |
download | OpenBSD-firewall-645549be49e99ad6976e0fc0829800427befab57.tar.gz OpenBSD-firewall-645549be49e99ad6976e0fc0829800427befab57.tar.bz2 |
merged configuration with vanilla OpenBSD 6.1 config
Diffstat (limited to 'template/etc/ssh/sshd_config')
-rw-r--r-- | template/etc/ssh/sshd_config | 21 |
1 files changed, 3 insertions, 18 deletions
diff --git a/template/etc/ssh/sshd_config b/template/etc/ssh/sshd_config index fe9b36d..cc47fcf 100644 --- a/template/etc/ssh/sshd_config +++ b/template/etc/ssh/sshd_config @@ -1,4 +1,4 @@ -# $OpenBSD: sshd_config,v 1.98 2016/02/17 05:29:04 djm Exp $ +# $OpenBSD: sshd_config,v 1.101 2017/03/14 07:19:07 djm Exp $ # This is the sshd server system-wide configuration file. See # sshd_config(5) for more information. @@ -13,26 +13,15 @@ #ListenAddress 0.0.0.0 #ListenAddress :: -# The default requires explicit activation of protocol 1 -#Protocol 2 - -# HostKey for protocol version 1 -#HostKey /etc/ssh/ssh_host_key -# HostKeys for protocol version 2 #HostKey /etc/ssh/ssh_host_rsa_key #HostKey /etc/ssh/ssh_host_dsa_key #HostKey /etc/ssh/ssh_host_ecdsa_key #HostKey /etc/ssh/ssh_host_ed25519_key -# Lifetime and size of ephemeral version 1 server key -#KeyRegenerationInterval 1h -#ServerKeyBits 1024 - # Ciphers and keying #RekeyLimit default none # Logging -# obsoletes QuietMode and FascistLogging #SyslogFacility AUTH #LogLevel INFO @@ -44,7 +33,6 @@ PermitRootLogin yes #MaxAuthTries 6 #MaxSessions 10 -#RSAAuthentication yes #PubkeyAuthentication yes # The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2 @@ -57,17 +45,15 @@ AuthorizedKeysFile .ssh/authorized_keys #AuthorizedKeysCommandUser nobody # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts -#RhostsRSAAuthentication no -# similar for protocol version 2 #HostbasedAuthentication no # Change to yes if you don't trust ~/.ssh/known_hosts for -# RhostsRSAAuthentication and HostbasedAuthentication +# HostbasedAuthentication #IgnoreUserKnownHosts no # Don't read the user's ~/.rhosts and ~/.shosts files #IgnoreRhosts yes # To disable tunneled clear text passwords, change to no here! -PasswordAuthentication yes +#PasswordAuthentication yes #PermitEmptyPasswords no # Change to no to disable s/key passwords @@ -84,7 +70,6 @@ PasswordAuthentication yes #PrintLastLog yes #TCPKeepAlive yes #UseLogin no -UsePrivilegeSeparation sandbox # Default for new installations. #PermitUserEnvironment no #Compression delayed #ClientAliveInterval 0 |