path: root/sshd_config.0
Diffstat (limited to 'sshd_config.0')
-rw-r--r-- sshd_config.0 1022
1 files changed, 1022 insertions, 0 deletions
diff --git a/sshd_config.0 b/sshd_config.0
new file mode 100644
index 000000000..678ee14b4
--- /dev/null
+++ b/sshd_config.0
@@ -0,0 +1,1022 @@
1SSHD_CONFIG(5) File Formats Manual SSHD_CONFIG(5)
2
3NAME
4 sshd_config M-bM-^@M-^S OpenSSH SSH daemon configuration file
5
6DESCRIPTION
7 sshd(8) reads configuration data from /etc/ssh/sshd_config (or the file
8 specified with -f on the command line). The file contains keyword-
9 argument pairs, one per line. Lines starting with M-bM-^@M-^X#M-bM-^@M-^Y and empty lines
10 are interpreted as comments. Arguments may optionally be enclosed in
11 double quotes (") in order to represent arguments containing spaces.
12
13 The possible keywords and their meanings are as follows (note that
14 keywords are case-insensitive and arguments are case-sensitive):
15
16 AcceptEnv
17 Specifies what environment variables sent by the client will be
18 copied into the session's environ(7). See SendEnv in
19 ssh_config(5) for how to configure the client. The TERM
20 environment variable is always sent whenever the client requests
21 a pseudo-terminal as it is required by the protocol. Variables
22 are specified by name, which may contain the wildcard characters
23 M-bM-^@M-^X*M-bM-^@M-^Y and M-bM-^@M-^X?M-bM-^@M-^Y. Multiple environment variables may be separated by
24 whitespace or spread across multiple AcceptEnv directives. Be
25 warned that some environment variables could be used to bypass
26 restricted user environments. For this reason, care should be
27 taken in the use of this directive. The default is not to accept
28 any environment variables.
29
30 AddressFamily
31 Specifies which address family should be used by sshd(8). Valid
32 arguments are any (the default), inet (use IPv4 only), or inet6
33 (use IPv6 only).
34
35 AllowAgentForwarding
36 Specifies whether ssh-agent(1) forwarding is permitted. The
37 default is yes. Note that disabling agent forwarding does not
38 improve security unless users are also denied shell access, as
39 they can always install their own forwarders.
40
41 AllowGroups
42 This keyword can be followed by a list of group name patterns,
43 separated by spaces. If specified, login is allowed only for
44 users whose primary group or supplementary group list matches one
45 of the patterns. Only group names are valid; a numerical group
46 ID is not recognized. By default, login is allowed for all
47 groups. The allow/deny directives are processed in the following
48 order: DenyUsers, AllowUsers, DenyGroups, and finally
49 AllowGroups.
50
51 See PATTERNS in ssh_config(5) for more information on patterns.
52
53 AllowStreamLocalForwarding
54 Specifies whether StreamLocal (Unix-domain socket) forwarding is
55 permitted. The available options are yes (the default) or all to
56 allow StreamLocal forwarding, no to prevent all StreamLocal
57 forwarding, local to allow local (from the perspective of ssh(1))
58 forwarding only or remote to allow remote forwarding only. Note
59 that disabling StreamLocal forwarding does not improve security
60 unless users are also denied shell access, as they can always
61 install their own forwarders.
62
63 AllowTcpForwarding
64 Specifies whether TCP forwarding is permitted. The available
65 options are yes (the default) or all to allow TCP forwarding, no
66 to prevent all TCP forwarding, local to allow local (from the
67 perspective of ssh(1)) forwarding only or remote to allow remote
68 forwarding only. Note that disabling TCP forwarding does not
69 improve security unless users are also denied shell access, as
70 they can always install their own forwarders.
71
72 AllowUsers
73 This keyword can be followed by a list of user name patterns,
74 separated by spaces. If specified, login is allowed only for
75 user names that match one of the patterns. Only user names are
76 valid; a numerical user ID is not recognized. By default, login
77 is allowed for all users. If the pattern takes the form
78 USER@HOST then USER and HOST are separately checked, restricting
79 logins to particular users from particular hosts. HOST criteria
80 may additionally contain addresses to match in CIDR
81 address/masklen format. The allow/deny directives are processed
82 in the following order: DenyUsers, AllowUsers, DenyGroups, and
83 finally AllowGroups.
84
85 See PATTERNS in ssh_config(5) for more information on patterns.
86
87 AuthenticationMethods
88 Specifies the authentication methods that must be successfully
89 completed for a user to be granted access. This option must be
90 followed by one or more comma-separated lists of authentication
91 method names, or by the single string any to indicate the default
92 behaviour of accepting any single authentication method. If the
93 default is overridden, then successful authentication requires
94 completion of every method in at least one of these lists.
95
96 For example, "publickey,password publickey,keyboard-interactive"
97 would require the user to complete public key authentication,
98 followed by either password or keyboard interactive
99 authentication. Only methods that are next in one or more lists
100 are offered at each stage, so for this example it would not be
101 possible to attempt password or keyboard-interactive
102 authentication before public key.
103
104 For keyboard interactive authentication it is also possible to
105 restrict authentication to a specific device by appending a colon
106 followed by the device identifier bsdauth, pam, or skey,
107 depending on the server configuration. For example,
108 "keyboard-interactive:bsdauth" would restrict keyboard
109 interactive authentication to the bsdauth device.
110
111 If the publickey method is listed more than once, sshd(8)
112 verifies that keys that have been used successfully are not
113 reused for subsequent authentications. For example,
114 "publickey,publickey" requires successful authentication using
115 two different public keys.
116
117 Note that each authentication method listed should also be
118 explicitly enabled in the configuration.
119
120 The available authentication methods are: "gssapi-with-mic",
121 "hostbased", "keyboard-interactive", "none" (used for access to
122 password-less accounts when PermitEmptyPassword is enabled),
123 "password" and "publickey".
124
125 AuthorizedKeysCommand
126 Specifies a program to be used to look up the user's public keys.
127 The program must be owned by root, not writable by group or
128 others and specified by an absolute path. Arguments to
129 AuthorizedKeysCommand accept the tokens described in the TOKENS
130 section. If no arguments are specified then the username of the
131 target user is used.
132
133 The program should produce on standard output zero or more lines
134 of authorized_keys output (see AUTHORIZED_KEYS in sshd(8)). If a
135 key supplied by AuthorizedKeysCommand does not successfully
136 authenticate and authorize the user then public key
137 authentication continues using the usual AuthorizedKeysFile
138 files. By default, no AuthorizedKeysCommand is run.
139
140 AuthorizedKeysCommandUser
141 Specifies the user under whose account the AuthorizedKeysCommand
142 is run. It is recommended to use a dedicated user that has no
143 other role on the host than running authorized keys commands. If
144 AuthorizedKeysCommand is specified but AuthorizedKeysCommandUser
145 is not, then sshd(8) will refuse to start.
146
147 AuthorizedKeysFile
148 Specifies the file that contains the public keys used for user
149 authentication. The format is described in the AUTHORIZED_KEYS
150 FILE FORMAT section of sshd(8). Arguments to AuthorizedKeysFile
151 accept the tokens described in the TOKENS section. After
152 expansion, AuthorizedKeysFile is taken to be an absolute path or
153 one relative to the user's home directory. Multiple files may be
154 listed, separated by whitespace. Alternately this option may be
155 set to none to skip checking for user keys in files. The default
156 is ".ssh/authorized_keys .ssh/authorized_keys2".
157
158 AuthorizedPrincipalsCommand
159 Specifies a program to be used to generate the list of allowed
160 certificate principals as per AuthorizedPrincipalsFile. The
161 program must be owned by root, not writable by group or others
162 and specified by an absolute path. Arguments to
163 AuthorizedPrincipalsCommand accept the tokens described in the
164 TOKENS section. If no arguments are specified then the username
165 of the target user is used.
166
167 The program should produce on standard output zero or more lines
168 of AuthorizedPrincipalsFile output. If either
169 AuthorizedPrincipalsCommand or AuthorizedPrincipalsFile is
170 specified, then certificates offered by the client for
171 authentication must contain a principal that is listed. By
172 default, no AuthorizedPrincipalsCommand is run.
173
174 AuthorizedPrincipalsCommandUser
175 Specifies the user under whose account the
176 AuthorizedPrincipalsCommand is run. It is recommended to use a
177 dedicated user that has no other role on the host than running
178 authorized principals commands. If AuthorizedPrincipalsCommand
179 is specified but AuthorizedPrincipalsCommandUser is not, then
180 sshd(8) will refuse to start.
181
182 AuthorizedPrincipalsFile
183 Specifies a file that lists principal names that are accepted for
184 certificate authentication. When using certificates signed by a
185 key listed in TrustedUserCAKeys, this file lists names, one of
186 which must appear in the certificate for it to be accepted for
187 authentication. Names are listed one per line preceded by key
188 options (as described in AUTHORIZED_KEYS FILE FORMAT in sshd(8)).
189 Empty lines and comments starting with M-bM-^@M-^X#M-bM-^@M-^Y are ignored.
190
191 Arguments to AuthorizedPrincipalsFile accept the tokens described
192 in the TOKENS section. After expansion, AuthorizedPrincipalsFile
193 is taken to be an absolute path or one relative to the user's
194 home directory. The default is none, i.e. not to use a
195 principals file M-bM-^@M-^S in this case, the username of the user must
196 appear in a certificate's principals list for it to be accepted.
197
198 Note that AuthorizedPrincipalsFile is only used when
199 authentication proceeds using a CA listed in TrustedUserCAKeys
200 and is not consulted for certification authorities trusted via
201 ~/.ssh/authorized_keys, though the principals= key option offers
202 a similar facility (see sshd(8) for details).
203
204 Banner The contents of the specified file are sent to the remote user
205 before authentication is allowed. If the argument is none then
206 no banner is displayed. By default, no banner is displayed.
207
208 ChallengeResponseAuthentication
209 Specifies whether challenge-response authentication is allowed
210 (e.g. via PAM or through authentication styles supported in
211 login.conf(5)) The default is yes.
212
213 ChrootDirectory
214 Specifies the pathname of a directory to chroot(2) to after
215 authentication. At session startup sshd(8) checks that all
216 components of the pathname are root-owned directories which are
217 not writable by any other user or group. After the chroot,
218 sshd(8) changes the working directory to the user's home
219 directory. Arguments to ChrootDirectory accept the tokens
220 described in the TOKENS section.
221
222 The ChrootDirectory must contain the necessary files and
223 directories to support the user's session. For an interactive
224 session this requires at least a shell, typically sh(1), and
225 basic /dev nodes such as null(4), zero(4), stdin(4), stdout(4),
226 stderr(4), and tty(4) devices. For file transfer sessions using
227 SFTP no additional configuration of the environment is necessary
228 if the in-process sftp-server is used, though sessions which use
229 logging may require /dev/log inside the chroot directory on some
230 operating systems (see sftp-server(8) for details).
231
232 For safety, it is very important that the directory hierarchy be
233 prevented from modification by other processes on the system
234 (especially those outside the jail). Misconfiguration can lead
235 to unsafe environments which sshd(8) cannot detect.
236
237 The default is none, indicating not to chroot(2).
238
239 Ciphers
240 Specifies the ciphers allowed. Multiple ciphers must be comma-
241 separated. If the specified value begins with a M-bM-^@M-^X+M-bM-^@M-^Y character,
242 then the specified ciphers will be appended to the default set
243 instead of replacing them. If the specified value begins with a
244 M-bM-^@M-^X-M-bM-^@M-^Y character, then the specified ciphers (including wildcards)
245 will be removed from the default set instead of replacing them.
246
247 The supported ciphers are:
248
249 3des-cbc
250 aes128-cbc
251 aes192-cbc
252 aes256-cbc
253 aes128-ctr
254 aes192-ctr
255 aes256-ctr
256 aes128-gcm@openssh.com
257 aes256-gcm@openssh.com
258 chacha20-poly1305@openssh.com
259
260 The default is:
261
262 chacha20-poly1305@openssh.com,
263 aes128-ctr,aes192-ctr,aes256-ctr,
264 aes128-gcm@openssh.com,aes256-gcm@openssh.com
265
266 The list of available ciphers may also be obtained using "ssh -Q
267 cipher".
268
269 ClientAliveCountMax
270 Sets the number of client alive messages which may be sent
271 without sshd(8) receiving any messages back from the client. If
272 this threshold is reached while client alive messages are being
273 sent, sshd will disconnect the client, terminating the session.
274 It is important to note that the use of client alive messages is
275 very different from TCPKeepAlive. The client alive messages are
276 sent through the encrypted channel and therefore will not be
277 spoofable. The TCP keepalive option enabled by TCPKeepAlive is
278 spoofable. The client alive mechanism is valuable when the
279 client or server depend on knowing when a connection has become
280 inactive.
281
282 The default value is 3. If ClientAliveInterval is set to 15, and
283 ClientAliveCountMax is left at the default, unresponsive SSH
284 clients will be disconnected after approximately 45 seconds.
285
286 ClientAliveInterval
287 Sets a timeout interval in seconds after which if no data has
288 been received from the client, sshd(8) will send a message
289 through the encrypted channel to request a response from the
290 client. The default is 0, indicating that these messages will
291 not be sent to the client.
292
293 Compression
294 Specifies whether compression is enabled after the user has
295 authenticated successfully. The argument must be yes, delayed (a
296 legacy synonym for yes) or no. The default is yes.
297
298 DenyGroups
299 This keyword can be followed by a list of group name patterns,
300 separated by spaces. Login is disallowed for users whose primary
301 group or supplementary group list matches one of the patterns.
302 Only group names are valid; a numerical group ID is not
303 recognized. By default, login is allowed for all groups. The
304 allow/deny directives are processed in the following order:
305 DenyUsers, AllowUsers, DenyGroups, and finally AllowGroups.
306
307 See PATTERNS in ssh_config(5) for more information on patterns.
308
309 DenyUsers
310 This keyword can be followed by a list of user name patterns,
311 separated by spaces. Login is disallowed for user names that
312 match one of the patterns. Only user names are valid; a
313 numerical user ID is not recognized. By default, login is
314 allowed for all users. If the pattern takes the form USER@HOST
315 then USER and HOST are separately checked, restricting logins to
316 particular users from particular hosts. HOST criteria may
317 additionally contain addresses to match in CIDR address/masklen
318 format. The allow/deny directives are processed in the following
319 order: DenyUsers, AllowUsers, DenyGroups, and finally
320 AllowGroups.
321
322 See PATTERNS in ssh_config(5) for more information on patterns.
323
324 DisableForwarding
325 Disables all forwarding features, including X11, ssh-agent(1),
326 TCP and StreamLocal. This option overrides all other forwarding-
327 related options and may simplify restricted configurations.
328
329 ExposeAuthInfo
330 Writes a temporary file containing a list of authentication
331 methods and public credentials (e.g. keys) used to authenticate
332 the user. The location of the file is exposed to the user
333 session through the SSH_USER_AUTH environment variable. The
334 default is no.
335
336 FingerprintHash
337 Specifies the hash algorithm used when logging key fingerprints.
338 Valid options are: md5 and sha256. The default is sha256.
339
340 ForceCommand
341 Forces the execution of the command specified by ForceCommand,
342 ignoring any command supplied by the client and ~/.ssh/rc if
343 present. The command is invoked by using the user's login shell
344 with the -c option. This applies to shell, command, or subsystem
345 execution. It is most useful inside a Match block. The command
346 originally supplied by the client is available in the
347 SSH_ORIGINAL_COMMAND environment variable. Specifying a command
348 of internal-sftp will force the use of an in-process SFTP server
349 that requires no support files when used with ChrootDirectory.
350 The default is none.
351
352 GatewayPorts
353 Specifies whether remote hosts are allowed to connect to ports
354 forwarded for the client. By default, sshd(8) binds remote port
355 forwardings to the loopback address. This prevents other remote
356 hosts from connecting to forwarded ports. GatewayPorts can be
357 used to specify that sshd should allow remote port forwardings to
358 bind to non-loopback addresses, thus allowing other hosts to
359 connect. The argument may be no to force remote port forwardings
360 to be available to the local host only, yes to force remote port
361 forwardings to bind to the wildcard address, or clientspecified
362 to allow the client to select the address to which the forwarding
363 is bound. The default is no.
364
365 GSSAPIAuthentication
366 Specifies whether user authentication based on GSSAPI is allowed.
367 The default is no.
368
369 GSSAPICleanupCredentials
370 Specifies whether to automatically destroy the user's credentials
371 cache on logout. The default is yes.
372
373 GSSAPIStrictAcceptorCheck
374 Determines whether to be strict about the identity of the GSSAPI
375 acceptor a client authenticates against. If set to yes then the
376 client must authenticate against the host service on the current
377 hostname. If set to no then the client may authenticate against
378 any service key stored in the machine's default store. This
379 facility is provided to assist with operation on multi homed
380 machines. The default is yes.
381
382 HostbasedAcceptedKeyTypes
383 Specifies the key types that will be accepted for hostbased
384 authentication as a comma-separated pattern list. Alternately if
385 the specified value begins with a M-bM-^@M-^X+M-bM-^@M-^Y character, then the
386 specified key types will be appended to the default set instead
387 of replacing them. If the specified value begins with a M-bM-^@M-^X-M-bM-^@M-^Y
388 character, then the specified key types (including wildcards)
389 will be removed from the default set instead of replacing them.
390 The default for this option is:
391
392 ecdsa-sha2-nistp256-cert-v01@openssh.com,
393 ecdsa-sha2-nistp384-cert-v01@openssh.com,
394 ecdsa-sha2-nistp521-cert-v01@openssh.com,
395 ssh-ed25519-cert-v01@openssh.com,
396 ssh-rsa-cert-v01@openssh.com,
397 ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
398 ssh-ed25519,ssh-rsa
399
400 The list of available key types may also be obtained using "ssh
401 -Q key".
402
403 HostbasedAuthentication
404 Specifies whether rhosts or /etc/hosts.equiv authentication
405 together with successful public key client host authentication is
406 allowed (host-based authentication). The default is no.
407
408 HostbasedUsesNameFromPacketOnly
409 Specifies whether or not the server will attempt to perform a
410 reverse name lookup when matching the name in the ~/.shosts,
411 ~/.rhosts, and /etc/hosts.equiv files during
412 HostbasedAuthentication. A setting of yes means that sshd(8)
413 uses the name supplied by the client rather than attempting to
414 resolve the name from the TCP connection itself. The default is
415 no.
416
417 HostCertificate
418 Specifies a file containing a public host certificate. The
419 certificate's public key must match a private host key already
420 specified by HostKey. The default behaviour of sshd(8) is not to
421 load any certificates.
422
423 HostKey
424 Specifies a file containing a private host key used by SSH. The
425 defaults are /etc/ssh/ssh_host_dsa_key,
426 /etc/ssh/ssh_host_ecdsa_key, /etc/ssh/ssh_host_ed25519_key and
427 /etc/ssh/ssh_host_rsa_key.
428
429 Note that sshd(8) will refuse to use a file if it is group/world-
430 accessible and that the HostKeyAlgorithms option restricts which
431 of the keys are actually used by sshd(8).
432
433 It is possible to have multiple host key files. It is also
434 possible to specify public host key files instead. In this case
435 operations on the private key will be delegated to an
436 ssh-agent(1).
437
438 HostKeyAgent
439 Identifies the UNIX-domain socket used to communicate with an
440 agent that has access to the private host keys. If the string
441 "SSH_AUTH_SOCK" is specified, the location of the socket will be
442 read from the SSH_AUTH_SOCK environment variable.
443
444 HostKeyAlgorithms
445 Specifies the host key algorithms that the server offers. The
446 default for this option is:
447
448 ecdsa-sha2-nistp256-cert-v01@openssh.com,
449 ecdsa-sha2-nistp384-cert-v01@openssh.com,
450 ecdsa-sha2-nistp521-cert-v01@openssh.com,
451 ssh-ed25519-cert-v01@openssh.com,
452 ssh-rsa-cert-v01@openssh.com,
453 ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
454 ssh-ed25519,ssh-rsa
455
456 The list of available key types may also be obtained using "ssh
457 -Q key".
458
459 IgnoreRhosts
460 Specifies that .rhosts and .shosts files will not be used in
461 HostbasedAuthentication.
462
463 /etc/hosts.equiv and /etc/shosts.equiv are still used. The
464 default is yes.
465
466 IgnoreUserKnownHosts
467 Specifies whether sshd(8) should ignore the user's
468 ~/.ssh/known_hosts during HostbasedAuthentication. The default
469 is no.
470
471 IPQoS Specifies the IPv4 type-of-service or DSCP class for the
472 connection. Accepted values are af11, af12, af13, af21, af22,
473 af23, af31, af32, af33, af41, af42, af43, cs0, cs1, cs2, cs3,
474 cs4, cs5, cs6, cs7, ef, lowdelay, throughput, reliability, a
475 numeric value, or none to use the operating system default. This
476 option may take one or two arguments, separated by whitespace.
477 If one argument is specified, it is used as the packet class
478 unconditionally. If two values are specified, the first is
479 automatically selected for interactive sessions and the second
480 for non-interactive sessions. The default is lowdelay for
481 interactive sessions and throughput for non-interactive sessions.
482
483 KbdInteractiveAuthentication
484 Specifies whether to allow keyboard-interactive authentication.
485 The argument to this keyword must be yes or no. The default is
486 to use whatever value ChallengeResponseAuthentication is set to
487 (by default yes).
488
489 KerberosAuthentication
490 Specifies whether the password provided by the user for
491 PasswordAuthentication will be validated through the Kerberos
492 KDC. To use this option, the server needs a Kerberos servtab
493 which allows the verification of the KDC's identity. The default
494 is no.
495
496 KerberosGetAFSToken
497 If AFS is active and the user has a Kerberos 5 TGT, attempt to
498 acquire an AFS token before accessing the user's home directory.
499 The default is no.
500
501 KerberosOrLocalPasswd
502 If password authentication through Kerberos fails then the
503 password will be validated via any additional local mechanism
504 such as /etc/passwd. The default is yes.
505
506 KerberosTicketCleanup
507 Specifies whether to automatically destroy the user's ticket
508 cache file on logout. The default is yes.
509
510 KexAlgorithms
511 Specifies the available KEX (Key Exchange) algorithms. Multiple
512 algorithms must be comma-separated. Alternately if the specified
513 value begins with a M-bM-^@M-^X+M-bM-^@M-^Y character, then the specified methods
514 will be appended to the default set instead of replacing them.
515 If the specified value begins with a M-bM-^@M-^X-M-bM-^@M-^Y character, then the
516 specified methods (including wildcards) will be removed from the
517 default set instead of replacing them. The supported algorithms
518 are:
519
520 curve25519-sha256
521 curve25519-sha256@libssh.org
522 diffie-hellman-group1-sha1
523 diffie-hellman-group14-sha1
524 diffie-hellman-group-exchange-sha1
525 diffie-hellman-group-exchange-sha256
526 ecdh-sha2-nistp256
527 ecdh-sha2-nistp384
528 ecdh-sha2-nistp521
529
530 The default is:
531
532 curve25519-sha256,curve25519-sha256@libssh.org,
533 ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,
534 diffie-hellman-group-exchange-sha256,
535 diffie-hellman-group14-sha1
536
537 The list of available key exchange algorithms may also be
538 obtained using "ssh -Q kex".
539
540 ListenAddress
541 Specifies the local addresses sshd(8) should listen on. The
542 following forms may be used:
543
544 ListenAddress host|IPv4_addr|IPv6_addr
545 ListenAddress host|IPv4_addr:port
546 ListenAddress [host|IPv6_addr]:port
547
548 If port is not specified, sshd will listen on the address and all
549 Port options specified. The default is to listen on all local
550 addresses. Multiple ListenAddress options are permitted.
551
552 LoginGraceTime
553 The server disconnects after this time if the user has not
554 successfully logged in. If the value is 0, there is no time
555 limit. The default is 120 seconds.
556
557 LogLevel
558 Gives the verbosity level that is used when logging messages from
559 sshd(8). The possible values are: QUIET, FATAL, ERROR, INFO,
560 VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3. The default is INFO.
561 DEBUG and DEBUG1 are equivalent. DEBUG2 and DEBUG3 each specify
562 higher levels of debugging output. Logging with a DEBUG level
563 violates the privacy of users and is not recommended.
564
565 MACs Specifies the available MAC (message authentication code)
566 algorithms. The MAC algorithm is used for data integrity
567 protection. Multiple algorithms must be comma-separated. If the
568 specified value begins with a M-bM-^@M-^X+M-bM-^@M-^Y character, then the specified
569 algorithms will be appended to the default set instead of
570 replacing them. If the specified value begins with a M-bM-^@M-^X-M-bM-^@M-^Y
571 character, then the specified algorithms (including wildcards)
572 will be removed from the default set instead of replacing them.
573
574 The algorithms that contain "-etm" calculate the MAC after
575 encryption (encrypt-then-mac). These are considered safer and
576 their use recommended. The supported MACs are:
577
578 hmac-md5
579 hmac-md5-96
580 hmac-sha1
581 hmac-sha1-96
582 hmac-sha2-256
583 hmac-sha2-512
584 umac-64@openssh.com
585 umac-128@openssh.com
586 hmac-md5-etm@openssh.com
587 hmac-md5-96-etm@openssh.com
588 hmac-sha1-etm@openssh.com
589 hmac-sha1-96-etm@openssh.com
590 hmac-sha2-256-etm@openssh.com
591 hmac-sha2-512-etm@openssh.com
592 umac-64-etm@openssh.com
593 umac-128-etm@openssh.com
594
595 The default is:
596
597 umac-64-etm@openssh.com,umac-128-etm@openssh.com,
598 hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,
599 hmac-sha1-etm@openssh.com,
600 umac-64@openssh.com,umac-128@openssh.com,
601 hmac-sha2-256,hmac-sha2-512,hmac-sha1
602
603 The list of available MAC algorithms may also be obtained using
604 "ssh -Q mac".
605
606 Match Introduces a conditional block. If all of the criteria on the
607 Match line are satisfied, the keywords on the following lines
608 override those set in the global section of the config file,
609 until either another Match line or the end of the file. If a
610 keyword appears in multiple Match blocks that are satisfied, only
611 the first instance of the keyword is applied.
612
613 The arguments to Match are one or more criteria-pattern pairs or
614 the single token All which matches all criteria. The available
615 criteria are User, Group, Host, LocalAddress, LocalPort, and
616 Address. The match patterns may consist of single entries or
617 comma-separated lists and may use the wildcard and negation
618 operators described in the PATTERNS section of ssh_config(5).
619
620 The patterns in an Address criteria may additionally contain
621 addresses to match in CIDR address/masklen format, such as
622 192.0.2.0/24 or 2001:db8::/32. Note that the mask length
623 provided must be consistent with the address - it is an error to
624 specify a mask length that is too long for the address or one
625 with bits set in this host portion of the address. For example,
626 192.0.2.0/33 and 192.0.2.0/8, respectively.
627
628 Only a subset of keywords may be used on the lines following a
629 Match keyword. Available keywords are AcceptEnv,
630 AllowAgentForwarding, AllowGroups, AllowStreamLocalForwarding,
631 AllowTcpForwarding, AllowUsers, AuthenticationMethods,
632 AuthorizedKeysCommand, AuthorizedKeysCommandUser,
633 AuthorizedKeysFile, AuthorizedPrincipalsCommand,
634 AuthorizedPrincipalsCommandUser, AuthorizedPrincipalsFile,
635 Banner, ChrootDirectory, ClientAliveCountMax,
636 ClientAliveInterval, DenyGroups, DenyUsers, ForceCommand,
637 GatewayPorts, GSSAPIAuthentication, HostbasedAcceptedKeyTypes,
638 HostbasedAuthentication, HostbasedUsesNameFromPacketOnly, IPQoS,
639 KbdInteractiveAuthentication, KerberosAuthentication, LogLevel,
640 MaxAuthTries, MaxSessions, PasswordAuthentication,
641 PermitEmptyPasswords, PermitOpen, PermitRootLogin, PermitTTY,
642 PermitTunnel, PermitUserRC, PubkeyAcceptedKeyTypes,
643 PubkeyAuthentication, RekeyLimit, RevokedKeys,
644 StreamLocalBindMask, StreamLocalBindUnlink, TrustedUserCAKeys,
645 X11DisplayOffset, X11Forwarding and X11UseLocalHost.
646
647 MaxAuthTries
648 Specifies the maximum number of authentication attempts permitted
649 per connection. Once the number of failures reaches half this
650 value, additional failures are logged. The default is 6.
651
652 MaxSessions
653 Specifies the maximum number of open shell, login or subsystem
654 (e.g. sftp) sessions permitted per network connection. Multiple
655 sessions may be established by clients that support connection
656 multiplexing. Setting MaxSessions to 1 will effectively disable
657 session multiplexing, whereas setting it to 0 will prevent all
658 shell, login and subsystem sessions while still permitting
659 forwarding. The default is 10.
660
661 MaxStartups
662 Specifies the maximum number of concurrent unauthenticated
663 connections to the SSH daemon. Additional connections will be
664 dropped until authentication succeeds or the LoginGraceTime
665 expires for a connection. The default is 10:30:100.
666
667 Alternatively, random early drop can be enabled by specifying the
668 three colon separated values start:rate:full (e.g. "10:30:60").
669 sshd(8) will refuse connection attempts with a probability of
670 rate/100 (30%) if there are currently start (10) unauthenticated
671 connections. The probability increases linearly and all
672 connection attempts are refused if the number of unauthenticated
673 connections reaches full (60).
674
     PasswordAuthentication
             Specifies whether password authentication is allowed.  The
             default is yes.

     PermitEmptyPasswords
             When password authentication is allowed, it specifies whether the
             server allows login to accounts with empty password strings.  The
             default is no.

     PermitOpen
             Specifies the destinations to which TCP port forwarding is
             permitted.  The forwarding specification must be one of the
             following forms:

                   PermitOpen host:port
                   PermitOpen IPv4_addr:port
                   PermitOpen [IPv6_addr]:port

             Multiple forwards may be specified by separating them with
             whitespace.  An argument of any can be used to remove all
             restrictions and permit any forwarding requests.  An argument of
             none can be used to prohibit all forwarding requests.  The
             wildcard ‘*’ can be used for host or port to allow all hosts or
             ports, respectively.  By default all port forwarding requests are
             permitted.

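     A matcher for the PermitOpen forms listed above, useful for checking
     what a proposed value will and will not let through before it reaches
     a production host.  This is an added example, not part of the man page
     and not OpenSSH code.  It assumes the host field is compared as the
     literal string the client asked to connect to, with no name resolution,
     so "localhost:3306" does not match a request for 127.0.0.1:3306.

```python
"""Matcher for sshd_config PermitOpen specifications.

Added example, not OpenSSH code.  Implements the forms the man page lists:
host:port, IPv4_addr:port, [IPv6_addr]:port, the keywords any and none, the
wildcard '*' for host or port, and several whitespace-separated entries.
Assumption: the host is compared as the literal string the client requested;
no name resolution is performed.
"""
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class Permission:
    host: Optional[str]   # None stands for the wildcard '*'
    port: Optional[int]   # None stands for the wildcard '*'


def parse_permit_open(arg: str) -> Optional[List[Permission]]:
    """None means 'any' (no restrictions); an empty list means 'none'."""
    arg = arg.strip()
    if arg == "any":
        return None
    if arg == "none":
        return []
    perms: List[Permission] = []
    for entry in arg.split():
        if entry.startswith("["):                 # [IPv6_addr]:port
            close = entry.find("]:")
            if close < 0:
                raise ValueError(f"bad PermitOpen entry: {entry!r}")
            host, port = entry[1:close], entry[close + 2:]
        else:                                     # host:port or IPv4_addr:port
            host, sep, port = entry.rpartition(":")
            if not sep or not host:
                raise ValueError(f"bad PermitOpen entry: {entry!r}")
        if port != "*" and not (port.isdigit() and 0 < int(port) < 65536):
            raise ValueError(f"bad port in PermitOpen entry: {entry!r}")
        perms.append(Permission(None if host == "*" else host,
                                None if port == "*" else int(port)))
    return perms


def forwarding_allowed(permit_open: str, dest_host: str, dest_port: int) -> bool:
    """Would a direct-tcpip request for dest_host:dest_port be honoured?"""
    perms = parse_permit_open(permit_open)
    if perms is None:
        return True                               # 'any'
    return any((p.host is None or p.host == dest_host) and
               (p.port is None or p.port == dest_port)
               for p in perms)


if __name__ == "__main__":
    policy = "localhost:3306 [2001:db8::1]:* *:443"   # constructed policy
    for host, port in (("localhost", 3306), ("127.0.0.1", 3306),
                       ("2001:db8::1", 8443), ("intranet.example", 443)):
        verdict = "allowed" if forwarding_allowed(policy, host, port) else "refused"
        print(f"{host}:{port} -> {verdict}")
```

     When a forward must reach a service that is known by both a name and an
     address, list both forms; a policy of only "localhost:3306" leaves a
     client that asks for 127.0.0.1:3306 refused.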
     PermitRootLogin
             Specifies whether root can log in using ssh(1).  The argument
             must be yes, prohibit-password, without-password,
             forced-commands-only, or no.  The default is prohibit-password.

             If this option is set to prohibit-password or without-password,
             password and keyboard-interactive authentication are disabled for
             root.

             If this option is set to forced-commands-only, root login with
             public key authentication will be allowed, but only if the
             command option has been specified (which may be useful for taking
             remote backups even if root login is normally not allowed).  All
             other authentication methods are disabled for root.

             If this option is set to no, root is not allowed to log in.

     PermitTTY
             Specifies whether pty(4) allocation is permitted.  The default is
             yes.

     PermitTunnel
             Specifies whether tun(4) device forwarding is allowed.  The
             argument must be yes, point-to-point (layer 3), ethernet (layer
             2), or no.  Specifying yes permits both point-to-point and
             ethernet.  The default is no.

             Independent of this setting, the permissions of the selected
             tun(4) device must allow access to the user.

     PermitUserEnvironment
             Specifies whether ~/.ssh/environment and environment= options in
             ~/.ssh/authorized_keys are processed by sshd(8).  The default is
             no.  Enabling environment processing may enable users to bypass
             access restrictions in some configurations using mechanisms such
             as LD_PRELOAD.

     PermitUserRC
             Specifies whether any ~/.ssh/rc file is executed.  The default is
             yes.

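     The authentication-related keywords above (MaxAuthTries,
     PasswordAuthentication, PermitEmptyPasswords, PermitRootLogin,
     PermitUserEnvironment, PubkeyAuthentication) are the ones most often
     reviewed on a host, and their documented defaults matter because an
     absent line is a setting too.  The following reader and review is an
     added example, not part of the man page and not OpenSSH code.  It
     follows the file format described in DESCRIPTION (one keyword-argument
     pair per line, lines starting with ‘#’ and blank lines ignored,
     case-insensitive keywords, case-sensitive arguments that may be
     double-quoted) and assumes, as sshd does for most options, that the
     first occurrence of a single-valued keyword wins.  Match blocks are not
     modelled: parsing stops at the first Match line, so the review covers
     the global section only.  The two sample configurations are constructed.

```python
"""Minimal sshd_config reader plus a review of the authentication settings
documented on this page.  Added example, not OpenSSH code.  Assumptions: first
occurrence of a single-valued keyword wins; Match blocks are not modelled."""
from typing import Dict, List

# Defaults as stated in this man page for the keywords reviewed here.
DEFAULTS: Dict[str, str] = {
    "passwordauthentication": "yes",
    "permitemptypasswords": "no",
    "permitrootlogin": "prohibit-password",
    "permituserenvironment": "no",
    "maxauthtries": "6",
    "pubkeyauthentication": "yes",
}


def split_args(line: str) -> List[str]:
    """Whitespace-separated words; a double-quoted word may contain spaces."""
    words, cur, quoted = [], "", False
    for ch in line:
        if ch == '"':
            quoted = not quoted
        elif ch.isspace() and not quoted:
            if cur:
                words.append(cur)
                cur = ""
        else:
            cur += ch
    if quoted:
        raise ValueError("unterminated double quote")
    if cur:
        words.append(cur)
    return words


def parse_sshd_config(text: str) -> Dict[str, List[List[str]]]:
    """Map lower-cased keyword -> argument lists, one per occurrence, in order.
    Every occurrence is kept so multi-valued keywords such as Port stay visible."""
    settings: Dict[str, List[List[str]]] = {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        words = split_args(line)
        keyword, args = words[0].lower(), words[1:]
        if keyword == "match":
            break                       # conditional section: not modelled here
        if not args:
            raise ValueError(f"line {lineno}: {words[0]} needs an argument")
        settings.setdefault(keyword, []).append(args)
    return settings


def effective(settings: Dict[str, List[List[str]]], keyword: str) -> str:
    """First configured value of a single-valued keyword, else its default."""
    occurrences = settings.get(keyword)
    return occurrences[0][0] if occurrences else DEFAULTS[keyword]


def review_auth_settings(text: str) -> List[str]:
    """Findings a reviewer would raise; an empty list means nothing flagged."""
    s = parse_sshd_config(text)
    findings: List[str] = []
    if effective(s, "permitrootlogin") == "yes":
        findings.append("PermitRootLogin yes: root is not limited to key-based login")
    if effective(s, "passwordauthentication") == "yes":
        findings.append("PasswordAuthentication yes (the default): consider keys only")
        if effective(s, "permitemptypasswords") == "yes":
            findings.append("PermitEmptyPasswords yes: empty-password accounts can log in")
    if int(effective(s, "maxauthtries")) > 6:
        findings.append("MaxAuthTries above the default of 6 gives brute forcing more room")
    if effective(s, "permituserenvironment") == "yes":
        findings.append("PermitUserEnvironment yes: LD_PRELOAD-style restriction bypass")
    if effective(s, "pubkeyauthentication") == "no" and \
            effective(s, "passwordauthentication") == "no":
        findings.append("Neither public key nor password authentication is enabled")
    return findings


# Constructed samples, not a real host's configuration.
SAMPLE_CONFIG = """\
# lines starting with '#' are comments
Port 22
Port 2222
PermitRootLogin yes
PasswordAuthentication yes
permitemptypasswords yes
MaxAuthTries 10
Banner "/etc/issue net"
# a later occurrence of a single-valued keyword is ignored
PermitRootLogin no
Match User backup
    PermitRootLogin forced-commands-only
"""

HARDENED_CONFIG = """\
PermitRootLogin prohibit-password
PasswordAuthentication no
PubkeyAuthentication yes
PermitUserEnvironment no
MaxAuthTries 3
"""

if __name__ == "__main__":
    for name, cfg in (("sample", SAMPLE_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(name, review_auth_settings(cfg) or ["no findings"])
```

     The sample deliberately contains a second PermitRootLogin line: under
     first-occurrence-wins it changes nothing, which is exactly the kind of
     edit that looks like a fix in a diff and is not one.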
     PidFile
             Specifies the file that contains the process ID of the SSH
             daemon, or none to not write one.  The default is
             /var/run/sshd.pid.

     Port    Specifies the port number that sshd(8) listens on.  The default
             is 22.  Multiple options of this type are permitted.  See also
             ListenAddress.

     PrintLastLog
             Specifies whether sshd(8) should print the date and time of the
             last user login when a user logs in interactively.  The default
             is yes.

     PrintMotd
             Specifies whether sshd(8) should print /etc/motd when a user logs
             in interactively.  (On some systems it is also printed by the
             shell, /etc/profile, or equivalent.)  The default is yes.

     PubkeyAcceptedKeyTypes
             Specifies the key types that will be accepted for public key
             authentication as a comma-separated pattern list.  Alternately if
             the specified value begins with a ‘+’ character, then the
             specified key types will be appended to the default set instead
             of replacing them.  If the specified value begins with a ‘-’
             character, then the specified key types (including wildcards)
             will be removed from the default set instead of replacing them.
             The default for this option is:

                ecdsa-sha2-nistp256-cert-v01@openssh.com,
                ecdsa-sha2-nistp384-cert-v01@openssh.com,
                ecdsa-sha2-nistp521-cert-v01@openssh.com,
                ssh-ed25519-cert-v01@openssh.com,
                ssh-rsa-cert-v01@openssh.com,
                ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
                ssh-ed25519,ssh-rsa

             The list of available key types may also be obtained using "ssh
             -Q key".

     PubkeyAuthentication
             Specifies whether public key authentication is allowed.  The
             default is yes.

     RekeyLimit
             Specifies the maximum amount of data that may be transmitted
             before the session key is renegotiated, optionally followed by a
             maximum amount of time that may pass before the session key is
             renegotiated.  The first argument is specified in bytes and may
             have a suffix of ‘K’, ‘M’, or ‘G’ to indicate Kilobytes,
             Megabytes, or Gigabytes, respectively.  The default is between
             ‘1G’ and ‘4G’, depending on the cipher.  The optional second
             value is specified in seconds and may use any of the units
             documented in the TIME FORMATS section.  The default value for
             RekeyLimit is "default none", which means that rekeying is
             performed after the cipher's default amount of data has been sent
             or received and no time based rekeying is done.

     RevokedKeys
             Specifies a file of revoked public keys, or none to not use one.
             Keys listed in this file will be refused for public key
             authentication.  Note that if this file is not readable, then
             public key authentication will be refused for all users.  Keys
             may be specified as a text file, listing one public key per line,
             or as an OpenSSH Key Revocation List (KRL) as generated by
             ssh-keygen(1).  For more information on KRLs, see the KEY
             REVOCATION LISTS section in ssh-keygen(1).

     StreamLocalBindMask
             Sets the octal file creation mode mask (umask) used when creating
             a Unix-domain socket file for local or remote port forwarding.
             This option is only used for port forwarding to a Unix-domain
             socket file.

             The default value is 0177, which creates a Unix-domain socket
             file that is readable and writable only by the owner.  Note that
             not all operating systems honor the file mode on Unix-domain
             socket files.

     StreamLocalBindUnlink
             Specifies whether to remove an existing Unix-domain socket file
             for local or remote port forwarding before creating a new one.
             If the socket file already exists and StreamLocalBindUnlink is
             not enabled, sshd will be unable to forward the port to the Unix-
             domain socket file.  This option is only used for port forwarding
             to a Unix-domain socket file.

             The argument must be yes or no.  The default is no.

     StrictModes
             Specifies whether sshd(8) should check file modes and ownership
             of the user's files and home directory before accepting login.
             This is normally desirable because novices sometimes accidentally
             leave their directory or files world-writable.  The default is
             yes.  Note that this does not apply to ChrootDirectory, whose
             permissions and ownership are checked unconditionally.

     Subsystem
             Configures an external subsystem (e.g. file transfer daemon).
             Arguments should be a subsystem name and a command (with optional
             arguments) to execute upon subsystem request.

             The command sftp-server implements the SFTP file transfer
             subsystem.

             Alternately the name internal-sftp implements an in-process SFTP
             server.  This may simplify configurations using ChrootDirectory
             to force a different filesystem root on clients.

             By default no subsystems are defined.

     SyslogFacility
             Gives the facility code that is used when logging messages from
             sshd(8).  The possible values are: DAEMON, USER, AUTH, LOCAL0,
             LOCAL1, LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7.  The
             default is AUTH.

     TCPKeepAlive
             Specifies whether the system should send TCP keepalive messages
             to the other side.  If they are sent, death of the connection or
             crash of one of the machines will be properly noticed.  However,
             this means that connections will die if the route is down
             temporarily, and some people find it annoying.  On the other
             hand, if TCP keepalives are not sent, sessions may hang
             indefinitely on the server, leaving "ghost" users and consuming
             server resources.

             The default is yes (to send TCP keepalive messages), and the
             server will notice if the network goes down or the client host
             crashes.  This avoids infinitely hanging sessions.

             To disable TCP keepalive messages, the value should be set to no.

     TrustedUserCAKeys
             Specifies a file containing public keys of certificate
             authorities that are trusted to sign user certificates for
             authentication, or none to not use one.  Keys are listed one per
             line; empty lines and comments starting with ‘#’ are allowed.  If
             a certificate is presented for authentication and has its signing
             CA key listed in this file, then it may be used for
             authentication for any user listed in the certificate's
             principals list.  Note that certificates that lack a list of
             principals will not be permitted for authentication using
             TrustedUserCAKeys.  For more details on certificates, see the
             CERTIFICATES section in ssh-keygen(1).

     UseDNS  Specifies whether sshd(8) should look up the remote host name,
             and check that the resolved host name for the remote IP address
             maps back to the very same IP address.

             If this option is set to no (the default) then only addresses and
             not host names may be used in ~/.ssh/authorized_keys from and
             sshd_config Match Host directives.

     UsePAM  Enables the Pluggable Authentication Module interface.  If set to
             yes this will enable PAM authentication using
             ChallengeResponseAuthentication and PasswordAuthentication in
             addition to PAM account and session module processing for all
             authentication types.

             Because PAM challenge-response authentication usually serves an
             equivalent role to password authentication, you should disable
             either PasswordAuthentication or ChallengeResponseAuthentication.

             If UsePAM is enabled, you will not be able to run sshd(8) as a
             non-root user.  The default is no.

     VersionAddendum
             Optionally specifies additional text to append to the SSH
             protocol banner sent by the server upon connection.  The default
             is none.

     X11DisplayOffset
             Specifies the first display number available for sshd(8)'s X11
             forwarding.  This prevents sshd from interfering with real X11
             servers.  The default is 10.

     X11Forwarding
             Specifies whether X11 forwarding is permitted.  The argument must
             be yes or no.  The default is no.

             When X11 forwarding is enabled, there may be additional exposure
             to the server and to client displays if the sshd(8) proxy display
             is configured to listen on the wildcard address (see
             X11UseLocalhost), though this is not the default.  Additionally,
             the authentication spoofing and authentication data verification
             and substitution occur on the client side.  The security risk of
             using X11 forwarding is that the client's X11 display server may
             be exposed to attack when the SSH client requests forwarding (see
             the warnings for ForwardX11 in ssh_config(5)).  A system
             administrator may have a stance in which they want to protect
             clients that may expose themselves to attack by unwittingly
             requesting X11 forwarding, which can warrant a no setting.

             Note that disabling X11 forwarding does not prevent users from
             forwarding X11 traffic, as users can always install their own
             forwarders.

     X11UseLocalhost
             Specifies whether sshd(8) should bind the X11 forwarding server
             to the loopback address or to the wildcard address.  By default,
             sshd binds the forwarding server to the loopback address and sets
             the hostname part of the DISPLAY environment variable to
             localhost.  This prevents remote hosts from connecting to the
             proxy display.  However, some older X11 clients may not function
             with this configuration.  X11UseLocalhost may be set to no to
             specify that the forwarding server should be bound to the
             wildcard address.  The argument must be yes or no.  The default
             is yes.

     XAuthLocation
             Specifies the full pathname of the xauth(1) program, or none to
             not use one.  The default is /usr/X11R6/bin/xauth.

TIME FORMATS
     sshd(8) command-line arguments and configuration file options that
     specify time may be expressed using a sequence of the form:
     time[qualifier], where time is a positive integer value and qualifier is
     one of the following:

           ⟨none⟩  seconds
           s | S   seconds
           m | M   minutes
           h | H   hours
           d | D   days
           w | W   weeks

     Each member of the sequence is added together to calculate the total time
     value.

     Time format examples:

           600     600 seconds (10 minutes)
           10m     10 minutes
           1h30m   1 hour 30 minutes (90 minutes)

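     A parser for the time[qualifier] grammar above, applied to the one
     option on this page that combines it with a byte count: RekeyLimit.
     This is an added example, not part of the man page and not OpenSSH
     code.  It assumes the K/M/G suffixes are binary multiples (1K = 1024),
     which is how OpenSSH scales them, and treats the literal words
     "default" and "none" as "cipher default" and "no time-based rekeying"
     respectively, as the RekeyLimit text says.  Input rejected here (empty
     strings, zero values, stray characters) is input sshd would also
     refuse to start with, so the checks are worth running before a reload.

```python
"""Parsers for the TIME FORMATS grammar and the RekeyLimit argument.

Added example, not OpenSSH code.  Assumption: K/M/G are binary multiples.
"""
import re
from typing import Optional, Tuple

_TIME_UNITS = {"": 1, "s": 1, "m": 60, "h": 3600, "d": 86400, "w": 604800}
_TIME_PART = re.compile(r"(\d+)([sSmMhHdDwW]?)")


def parse_time(spec: str) -> int:
    """Total seconds for e.g. "600", "10m", "1h30m", "1w2d".

    Every member of the sequence is added together.  Rejects empty input,
    non-positive values and any character that is not a digit or qualifier.
    """
    if not spec:
        raise ValueError("empty time specification")
    pos, total = 0, 0
    while pos < len(spec):
        m = _TIME_PART.match(spec, pos)
        if not m:
            raise ValueError(f"bad time specification: {spec!r}")
        value, unit = int(m.group(1)), m.group(2).lower()
        if value <= 0:
            raise ValueError(f"time value must be positive: {spec!r}")
        total += value * _TIME_UNITS[unit]
        pos = m.end()
    return total


def parse_size(spec: str) -> int:
    """Byte count with optional K/M/G suffix (binary multiples; assumption)."""
    m = re.fullmatch(r"(\d+)([KkMmGg]?)", spec)
    if not m:
        raise ValueError(f"bad size: {spec!r}")
    scale = {"": 1, "k": 1024, "m": 1024 ** 2, "g": 1024 ** 3}
    return int(m.group(1)) * scale[m.group(2).lower()]


def parse_rekey_limit(arg: str) -> Tuple[Optional[int], Optional[int]]:
    """Return (data_limit_bytes, time_limit_seconds).

    None in the first slot means the cipher's default data limit ("default");
    None in the second means no time-based rekeying ("none" or omitted).
    Accepts e.g. "default none", "1G", "500M 1h", "default 30m".
    """
    words = arg.split()
    if not 1 <= len(words) <= 2:
        raise ValueError(f"RekeyLimit takes one or two arguments: {arg!r}")
    data = None if words[0] == "default" else parse_size(words[0])
    time_limit = None
    if len(words) == 2 and words[1] != "none":
        time_limit = parse_time(words[1])
    return data, time_limit


if __name__ == "__main__":
    for t in ("600", "10m", "1h30m", "1w2d"):
        print(f"{t:>6} = {parse_time(t)} s")
    for r in ("default none", "1G", "500M 1h", "default 30m"):
        print(f"RekeyLimit {r!r:>14} -> {parse_rekey_limit(r)}")
```

     The same parse_time() applies to every other time-valued option sshd(8)
     reads, such as LoginGraceTime mentioned under MaxStartups above.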
TOKENS
     Arguments to some keywords can make use of tokens, which are expanded at
     runtime:

           %%    A literal ‘%’.
           %F    The fingerprint of the CA key.
           %f    The fingerprint of the key or certificate.
           %h    The home directory of the user.
           %i    The key ID in the certificate.
           %K    The base64-encoded CA key.
           %k    The base64-encoded key or certificate for authentication.
           %s    The serial number of the certificate.
           %T    The type of the CA key.
           %t    The key or certificate type.
           %u    The username.

     AuthorizedKeysCommand accepts the tokens %%, %f, %h, %k, %t, and %u.

     AuthorizedKeysFile accepts the tokens %%, %h, and %u.

     AuthorizedPrincipalsCommand accepts the tokens %%, %F, %f, %h, %i, %K,
     %k, %s, %T, %t, and %u.

     AuthorizedPrincipalsFile accepts the tokens %%, %h, and %u.

     ChrootDirectory accepts the tokens %%, %h, and %u.

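     Token expansion with the per-keyword lists above enforced, so that a
     template using a token its keyword does not accept is caught at review
     time rather than reaching the daemon.  This is an added example, not
     part of the man page and not OpenSSH code.  The token letters are
     case-sensitive, as the table above makes them (%f and %F are different
     tokens).  Expanding a *Command template word by word, so that a value
     containing whitespace cannot become extra arguments, is this example's
     own design choice; the runtime values in the usage block are constructed.

```python
"""Token expansion for the sshd_config keywords listed under TOKENS.

Added example, not OpenSSH code.  Enforces the per-keyword token lists from
the man page; tokens are case-sensitive (%f and %F differ).
"""
from typing import Dict, List

# Tokens each keyword accepts, exactly as listed on this page.
TOKENS_BY_KEYWORD: Dict[str, str] = {
    "authorizedkeyscommand": "%fhktu",
    "authorizedkeysfile": "%hu",
    "authorizedprincipalscommand": "%FfhiKksTtu",
    "authorizedprincipalsfile": "%hu",
    "chrootdirectory": "%hu",
}


def expand_tokens(keyword: str, template: str, values: Dict[str, str]) -> str:
    """Replace %-tokens in `template` as permitted for `keyword`.

    `values` maps a token letter (e.g. "u") to its runtime value; "%%" always
    yields a literal '%'.  Unknown keywords, tokens the keyword does not
    accept, tokens without a value and a trailing lone '%' are errors.
    """
    allowed = TOKENS_BY_KEYWORD.get(keyword.lower())
    if allowed is None:
        raise ValueError(f"{keyword} does not take tokens")
    out: List[str] = []
    i = 0
    while i < len(template):
        ch = template[i]
        if ch != "%":
            out.append(ch)
            i += 1
            continue
        if i + 1 >= len(template):
            raise ValueError(f"{keyword}: dangling '%' at end of {template!r}")
        tok = template[i + 1]
        if tok == "%":
            out.append("%")
        elif tok not in allowed:
            raise ValueError(f"{keyword}: token %{tok} is not accepted here")
        elif tok not in values:
            raise ValueError(f"{keyword}: no value for %{tok}")
        else:
            out.append(values[tok])
        i += 2
    return "".join(out)


def split_command(keyword: str, template: str, values: Dict[str, str]) -> List[str]:
    """Expand each whitespace-separated word of a *Command template separately,
    so an expanded value containing spaces stays one argument."""
    return [expand_tokens(keyword, word, values) for word in template.split()]


if __name__ == "__main__":
    # Constructed runtime values for a hypothetical login.
    ctx = {"u": "alice", "h": "/home/alice", "t": "ssh-ed25519",
           "f": "SHA256:constructedfingerprint", "k": "AAAAC3constructed"}
    print(expand_tokens("AuthorizedKeysFile", "%h/.ssh/authorized_keys", ctx))
    print(expand_tokens("ChrootDirectory", "/srv/chroot/%u", ctx))
    print(split_command("AuthorizedKeysCommand",
                        "/usr/local/bin/fetch-keys %u %t %f", ctx))
    try:
        expand_tokens("AuthorizedKeysFile", "%h/%f", ctx)
    except ValueError as e:
        print("rejected:", e)
```

     Because the lists differ per keyword, a template that is valid for
     AuthorizedPrincipalsCommand (for instance one using %i or %s) is not
     valid for AuthorizedKeysCommand; the whitelist lookup above makes that
     difference explicit.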
FILES
     /etc/ssh/sshd_config
             Contains configuration data for sshd(8).  This file should be
             writable by root only, but it is recommended (though not
             necessary) that it be world-readable.

SEE ALSO
     sftp-server(8), sshd(8)

AUTHORS
     OpenSSH is a derivative of the original and free ssh 1.2.12 release by
     Tatu Ylonen.  Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo
     de Raadt and Dug Song removed many bugs, re-added newer features and
     created OpenSSH.  Markus Friedl contributed the support for SSH protocol
     versions 1.5 and 2.0.  Niels Provos and Markus Friedl contributed support
     for privilege separation.

OpenBSD 6.2                    September 27, 2017                   OpenBSD 6.2