diff options
-rw-r--r-- | ChangeLog | 5 | ||||
-rw-r--r-- | sshd_config | 15 |
2 files changed, 14 insertions, 6 deletions
@@ -9,6 +9,9 @@ | |||
9 | - djm@cvs.openbsd.org 2003/06/20 05:47:58 | 9 | - djm@cvs.openbsd.org 2003/06/20 05:47:58 |
10 | [sshd_config.5] | 10 | [sshd_config.5] |
11 | sync description of protocol 2 cipher proposal; ok markus | 11 | sync description of protocol 2 cipher proposal; ok markus |
12 | - djm@cvs.openbsd.org 2003/06/20 05:48:21 | ||
13 | [sshd_config] | ||
14 | sync some implemented options; ok markus@ | ||
12 | - (dtucker) [regress/authorized_keys_root] Remove temp data file from CVS. | 15 | - (dtucker) [regress/authorized_keys_root] Remove temp data file from CVS. |
13 | - (dtucker) [openbsd-compat/setproctitle.c] Ensure SPT_TYPE is defined before | 16 | - (dtucker) [openbsd-compat/setproctitle.c] Ensure SPT_TYPE is defined before |
14 | testing its value. | 17 | testing its value. |
@@ -575,4 +578,4 @@ | |||
575 | - Fix sshd BindAddress and -b options for systems using fake-getaddrinfo. | 578 | - Fix sshd BindAddress and -b options for systems using fake-getaddrinfo. |
576 | Report from murple@murple.net, diagnosis from dtucker@zip.com.au | 579 | Report from murple@murple.net, diagnosis from dtucker@zip.com.au |
577 | 580 | ||
578 | $Id: ChangeLog,v 1.2820 2003/06/22 10:46:53 dtucker Exp $ | 581 | $Id: ChangeLog,v 1.2821 2003/06/22 10:48:45 dtucker Exp $ |
diff --git a/sshd_config b/sshd_config index c93396b51..2aaee5ebb 100644 --- a/sshd_config +++ b/sshd_config | |||
@@ -1,4 +1,4 @@ | |||
1 | # $OpenBSD: sshd_config,v 1.60 2003/06/02 09:17:34 markus Exp $ | 1 | # $OpenBSD: sshd_config,v 1.61 2003/06/20 05:48:21 djm Exp $ |
2 | 2 | ||
3 | # This is the sshd server system-wide configuration file. See | 3 | # This is the sshd server system-wide configuration file. See |
4 | # sshd_config(5) for more information. | 4 | # sshd_config(5) for more information. |
@@ -22,7 +22,7 @@ | |||
22 | #HostKey /etc/ssh/ssh_host_dsa_key | 22 | #HostKey /etc/ssh/ssh_host_dsa_key |
23 | 23 | ||
24 | # Lifetime and size of ephemeral version 1 server key | 24 | # Lifetime and size of ephemeral version 1 server key |
25 | #KeyRegenerationInterval 3600 | 25 | #KeyRegenerationInterval 1h |
26 | #ServerKeyBits 768 | 26 | #ServerKeyBits 768 |
27 | 27 | ||
28 | # Logging | 28 | # Logging |
@@ -32,7 +32,7 @@ | |||
32 | 32 | ||
33 | # Authentication: | 33 | # Authentication: |
34 | 34 | ||
35 | #LoginGraceTime 120 | 35 | #LoginGraceTime 2m |
36 | #PermitRootLogin yes | 36 | #PermitRootLogin yes |
37 | #StrictModes yes | 37 | #StrictModes yes |
38 | 38 | ||
@@ -74,6 +74,8 @@ | |||
74 | # bypass the setting of 'PasswordAuthentication' | 74 | # bypass the setting of 'PasswordAuthentication' |
75 | #UsePAM yes | 75 | #UsePAM yes |
76 | 76 | ||
77 | #AllowTcpForwarding yes | ||
78 | #GatewayPorts no | ||
77 | #X11Forwarding no | 79 | #X11Forwarding no |
78 | #X11DisplayOffset 10 | 80 | #X11DisplayOffset 10 |
79 | #X11UseLocalhost yes | 81 | #X11UseLocalhost yes |
@@ -84,11 +86,14 @@ | |||
84 | #UsePrivilegeSeparation yes | 86 | #UsePrivilegeSeparation yes |
85 | #PermitUserEnvironment no | 87 | #PermitUserEnvironment no |
86 | #Compression yes | 88 | #Compression yes |
87 | 89 | #ClientAliveInterval 0 | |
90 | #ClientAliveCountMax 3 | ||
91 | #UseDNS yes | ||
92 | #PidFile /var/run/sshd.pid | ||
88 | #MaxStartups 10 | 93 | #MaxStartups 10 |
94 | |||
89 | # no default banner path | 95 | # no default banner path |
90 | #Banner /some/path | 96 | #Banner /some/path |
91 | #UseDNS yes | ||
92 | 97 | ||
93 | # override default of no subsystems | 98 | # override default of no subsystems |
94 | Subsystem sftp /usr/libexec/sftp-server | 99 | Subsystem sftp /usr/libexec/sftp-server |