summaryrefslogtreecommitdiff
path: root/sshd_config.5
diff options
context:
space:
mode:
Diffstat (limited to 'sshd_config.5')
-rw-r--r--sshd_config.520
1 files changed, 16 insertions, 4 deletions
diff --git a/sshd_config.5 b/sshd_config.5
index 5af4b1b27..841cb29d3 100644
--- a/sshd_config.5
+++ b/sshd_config.5
@@ -34,7 +34,7 @@
34.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 34.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 35.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36.\" 36.\"
37.\" $OpenBSD: sshd_config.5,v 1.44 2005/07/25 11:59:40 markus Exp $ 37.\" $OpenBSD: sshd_config.5,v 1.48 2006/01/02 17:09:49 jmc Exp $
38.Dd September 25, 1999 38.Dd September 25, 1999
39.Dt SSHD_CONFIG 5 39.Dt SSHD_CONFIG 5
40.Os 40.Os
@@ -181,7 +181,7 @@ The default is
181 aes192-ctr,aes256-ctr'' 181 aes192-ctr,aes256-ctr''
182.Ed 182.Ed
183.It Cm ClientAliveCountMax 183.It Cm ClientAliveCountMax
184Sets the number of client alive messages (see above) which may be 184Sets the number of client alive messages (see below) which may be
185sent without 185sent without
186.Nm sshd 186.Nm sshd
187receiving any messages back from the client. 187receiving any messages back from the client.
@@ -203,7 +203,7 @@ server depend on knowing when a connection has become inactive.
203The default value is 3. 203The default value is 3.
204If 204If
205.Cm ClientAliveInterval 205.Cm ClientAliveInterval
206(above) is set to 15, and 206(see below) is set to 15, and
207.Cm ClientAliveCountMax 207.Cm ClientAliveCountMax
208is left at the default, unresponsive ssh clients 208is left at the default, unresponsive ssh clients
209will be disconnected after approximately 45 seconds. 209will be disconnected after approximately 45 seconds.
@@ -354,7 +354,7 @@ Kerberos servtab which allows the verification of the KDC's identity.
354Default is 354Default is
355.Dq no . 355.Dq no .
356.It Cm KerberosGetAFSToken 356.It Cm KerberosGetAFSToken
357If AFS is active and the user has a Kerberos 5 TGT, attempt to aquire 357If AFS is active and the user has a Kerberos 5 TGT, attempt to acquire
358an AFS token before accessing the user's home directory. 358an AFS token before accessing the user's home directory.
359Default is 359Default is
360.Dq no . 360.Dq no .
@@ -508,6 +508,18 @@ All other authentication methods are disabled for root.
508If this option is set to 508If this option is set to
509.Dq no 509.Dq no
510root is not allowed to log in. 510root is not allowed to log in.
511.It Cm PermitTunnel
512Specifies whether
513.Xr tun 4
514device forwarding is allowed.
515The argument must be
516.Dq yes ,
517.Dq point-to-point ,
518.Dq ethernet
519or
520.Dq no .
521The default is
522.Dq no .
511.It Cm PermitUserEnvironment 523.It Cm PermitUserEnvironment
512Specifies whether 524Specifies whether
513.Pa ~/.ssh/environment 525.Pa ~/.ssh/environment