#;
#; /etc/ssh/sshd_config
#; Recommended sshd configuration.
#;
#; +----------------------------------------------------+
#; | Author: DePaul University Computer Security Team |
#; | WWW: |
#; | SMTP: |
#; +----------------------------------------------------+
#;
#; Copyright (c) 2003. DePaul University. All Rights Reserved.
#;
#; Platform: Tested on the following platforms:
#; OpenBSD 3.2, 3.3 (OpenSSH 3.6, OpenSSH 3.6.1)
#; FreeBSD 4.5, 4.6 (OpenSSH 3.6, OpenSSH 3.6.1)
#;
#; Notes:
#;
#; Revised: $Id: sshd_config,v 1.1.1.1 2003/09/25 19:23:57 epancer Exp $
#;
#; Port, Protocol and where we listen.
Port 22
Protocol 2
ListenAddress 0.0.0.0
#; Host keys must exist, see ssh-keygen for more info.
HostKey /etc/ssh/ssh_host_key
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
#; If using SSHv1 (eek!) uncomment the following
#KeyRegenerationInterval 1800
#ServerKeyBits 1280
#; Logging
SyslogFacility AUTH
LogLevel INFO
#; Authentication Methods
LoginGraceTime 30
PermitRootLogin no
StrictModes yes
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
IgnoreRhosts yes
RhostsRSAAuthentication no
HostbasedAuthentication no
PasswordAuthentication yes
PermitEmptyPasswords no
ChallengeResponseAuthentication yes
#; If kerberos is your local authentication, uncomment the following.
#KerberosAuthentication yes
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#AFSTokenPassing no
#KerberosTgtPassing no
#; Do not forward X11 by default
X11Forwarding no
X11DisplayOffset 10
X11UseLocalhost yes
#; More options to ensure host integrity
PrintMotd yes
PrintLastLog yes
KeepAlive yes
UseLogin no
UsePrivilegeSeparation yes
PermitUserEnvironment no
Compression yes
MaxStartups 24
#; Be certain to display the DePaul University recommend banner
Banner /etc/issue.net
#; SFTP is a drop-in replacement for FTP; start it here.
Subsystem sftp /usr/libexec/sftp-server
#;
# vim: ts=8 sw=8 nowrap
#;