# what port to listen on 
Port 2828

# only allow members of the xmsh-users group and certain admins
AllowGroups xmsh-users

# use system hostkeys
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key

# runtime options
PidFile /home/xmsh/run/sshd.pid

# cosmetic options
Banner /home/xmsh/etc/banner
PrintLastLog yes
PrintMotd no

# Logging
SyslogFacility AUTH
LogLevel INFO

# force some options
Protocol 2
UsePrivilegeSeparation yes

# Authentication:
LoginGraceTime 120
StrictModes yes

# behave like debian does
PasswordAuthentication yes
PubkeyAuthentication yes
ChallengeResponseAuthentication no
UsePAM no

# disable most features
AcceptEnv no
AllowTcpForwarding no
AuthorizedKeysFile no
IgnoreRhosts yes
IgnoreUserKnownHosts yes
PermitRootLogin no
PermitTunnel no
PermitUserEnvironment no
X11Forwarding no

# By default no subsystems are defined