diff options
| author | ficus <ficus@robocracy.org> | 2012-09-23 04:22:14 +0200 |
|---|---|---|
| committer | ficus <ficus@robocracy.org> | 2012-09-23 04:22:14 +0200 |
| commit | b1aec80110e822d835f6c97a2320b7dfc5fba039 (patch) | |
| tree | 3f88cf6ec6a8e2836c91705baf2bfc31ab51d0dd /packages/torouter-prep/configs/sshd_config | |
| parent | e2973e8ea5c57bfa6ed41293e0250c68d29cfed9 (diff) | |
| download | torouter-b1aec80110e822d835f6c97a2320b7dfc5fba039.tar.gz torouter-b1aec80110e822d835f6c97a2320b7dfc5fba039.zip | |
possibly functional image builder
Diffstat (limited to 'packages/torouter-prep/configs/sshd_config')
| -rw-r--r-- | packages/torouter-prep/configs/sshd_config | 87 |
1 files changed, 0 insertions, 87 deletions
diff --git a/packages/torouter-prep/configs/sshd_config b/packages/torouter-prep/configs/sshd_config deleted file mode 100644 index d079ac0..0000000 --- a/packages/torouter-prep/configs/sshd_config +++ /dev/null @@ -1,87 +0,0 @@ -# Package generated configuration file -# See the sshd_config(5) manpage for details - -# What ports, IPs and protocols we listen for -Port 22 -# Use these options to restrict which interfaces/protocols sshd will bind to -#ListenAddress :: -#ListenAddress 0.0.0.0 -Protocol 2 -# HostKeys for protocol version 2 -HostKey /etc/ssh/ssh_host_rsa_key -HostKey /etc/ssh/ssh_host_dsa_key -#Privilege Separation is turned on for security -UsePrivilegeSeparation yes - -# Lifetime and size of ephemeral version 1 server key -KeyRegenerationInterval 3600 -ServerKeyBits 768 - -# Logging -SyslogFacility AUTH -LogLevel INFO - -# Authentication: -LoginGraceTime 120 -PermitRootLogin yes -StrictModes yes - -RSAAuthentication yes -PubkeyAuthentication yes -#AuthorizedKeysFile %h/.ssh/authorized_keys - -# Don't read the user's ~/.rhosts and ~/.shosts files -IgnoreRhosts yes -# For this to work you will also need host keys in /etc/ssh_known_hosts -RhostsRSAAuthentication no -# similar for protocol version 2 -HostbasedAuthentication no -# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication -#IgnoreUserKnownHosts yes - -# To enable empty passwords, change to yes (NOT RECOMMENDED) -PermitEmptyPasswords no - -# Change to yes to enable challenge-response passwords (beware issues with -# some PAM modules and threads) -ChallengeResponseAuthentication no - -# Change to no to disable tunnelled clear text passwords -#PasswordAuthentication yes - -# Kerberos options -#KerberosAuthentication no -#KerberosGetAFSToken no -#KerberosOrLocalPasswd yes -#KerberosTicketCleanup yes - -# GSSAPI options -#GSSAPIAuthentication no -#GSSAPICleanupCredentials yes - -X11Forwarding yes -X11DisplayOffset 10 -PrintMotd no -PrintLastLog yes -TCPKeepAlive yes -#UseLogin no - -#MaxStartups 10:30:60 -#Banner /etc/issue.net - -# Allow client to pass locale environment variables -AcceptEnv LANG LC_* - -Subsystem sftp /usr/lib/openssh/sftp-server - -# Set this to 'yes' to enable PAM authentication, account processing, -# and session processing. If this is enabled, PAM authentication will -# be allowed through the ChallengeResponseAuthentication and -# PasswordAuthentication. Depending on your PAM configuration, -# PAM authentication via ChallengeResponseAuthentication may bypass -# the setting of "PermitRootLogin without-password". -# If you just want the PAM account and session checks to run without -# PAM authentication, then enable this but set PasswordAuthentication -# and ChallengeResponseAuthentication to 'no'. -UsePAM yes -AddressFamily inet |