|
0
|
1 |
|
|
|
2 |
# what port to listen on
|
|
|
3 |
Port 2828
|
|
|
4 |
|
|
|
5 |
# only allow members of the xmsh-users group and certain admins
|
|
|
6 |
AllowGroups xmsh-users
|
|
|
7 |
|
|
|
8 |
# use system hostkeys
|
|
|
9 |
HostKey /etc/ssh/ssh_host_rsa_key
|
|
|
10 |
HostKey /etc/ssh/ssh_host_dsa_key
|
|
|
11 |
|
|
|
12 |
# runtime options
|
|
|
13 |
PidFile /home/xmsh/run/sshd.pid
|
|
|
14 |
|
|
|
15 |
# cosmetic options
|
|
|
16 |
Banner /home/xmsh/etc/banner
|
|
|
17 |
PrintLastLog yes
|
|
|
18 |
PrintMotd no
|
|
|
19 |
|
|
|
20 |
# Logging
|
|
|
21 |
SyslogFacility AUTH
|
|
|
22 |
LogLevel INFO
|
|
|
23 |
|
|
|
24 |
# force some options
|
|
|
25 |
Protocol 2
|
|
|
26 |
UsePrivilegeSeparation yes
|
|
|
27 |
|
|
|
28 |
# Authentication:
|
|
|
29 |
LoginGraceTime 120
|
|
|
30 |
StrictModes yes
|
|
|
31 |
|
|
|
32 |
# behave like debian does
|
|
|
33 |
PasswordAuthentication yes
|
|
|
34 |
PubkeyAuthentication yes
|
|
|
35 |
ChallengeResponseAuthentication no
|
|
|
36 |
UsePAM no
|
|
|
37 |
|
|
|
38 |
# disable most features
|
|
|
39 |
AcceptEnv no
|
|
|
40 |
AllowTcpForwarding no
|
|
|
41 |
AuthorizedKeysFile no
|
|
|
42 |
IgnoreRhosts yes
|
|
|
43 |
IgnoreUserKnownHosts yes
|
|
|
44 |
PermitRootLogin no
|
|
|
45 |
PermitTunnel no
|
|
|
46 |
PermitUserEnvironment no
|
|
|
47 |
X11Forwarding no
|
|
|
48 |
|
|
|
49 |
# By default no subsystems are defined
|
|
|
50 |
|