sshd_config

# This is ssh server systemwide configuration file.
#
# /etc/sshd_config

#Port 			22
ListenAddress 		0.0.0.0
#HostKey			/etc/ssh_host_key
#RandomSeed			/etc/ssh_random_seed
#PidFile 		      /etc/sshd.pid
#ServerKeyBits		768
LoginGraceTime 		180
#KeyRegenerationInterval 3600
#umask
#KeepAlive			yes
#CheckMail			yes
#IdleTimeout time

X11Forwarding 		yes
#X11DisplayOffset
#XAuthLocation

# Check permissions of important files/dirs:
StrictModes 		yes

####### logging #####
# Minimal logging?
#QuietMode 		      no
#FascistLogging 		no

SyslogFacility 		DAEMON
#SyslogFacility 		AUTH
#SilentDeny

# Avoid double banner:
PrintMotd 		      no

########## Trust ########
# .rhosts, .shosts ignored?
# /etc/hosts.equiv and /etc/shosts.equiv are still used 
IgnoreRhosts 		no
#IgnoreRootRhosts

# authentication using rhosts or /etc/hosts.equiv
RhostsAuthentication 	no
# authentication using rhosts + RSA host auth
# The host must be known (ssh_known_hosts) and be in .[sr]hosts
RhostsRSAAuthentication yes

# Allow login with pure RSA public/private keys? 
# (will circumvent UNIX login)
RSAAuthentication 	no 

########## login ########
#ForcedEmptyPasswdChange	no
#ForcedPasswdChange		yes
#KerberosAuthentication
#KerberosOrLocalPasswd
#KerberosTgtPassing
#TISAuthentication
#AccountExpireWarningDays
#PasswordExpireWarningDays
# Allow login with UNIX password?
PasswordAuthentication 	yes

# Should logins be allowed with empty passwords?
PermitEmptyPasswords 	no

#yes, no, nopwd (disables password-authenticated root logins)
PermitRootLogin 	yes


######## Access control #######
# Allow access from two trusted admin hosts
#AllowHosts 	176.17.17.12 176.17.17.11 
# AllowHosts *.our.com friend.other.com
# DenyHosts lowsecurity.theirs.com *.evil.org evil.org 195.*

# Restrict user groups
#AllowGroups
#DenyGroups

# Restrict users
#AllowUsers
#DenyUsers jim bill@host1

# Which clients can access .shosts here?
#AllowSHosts
#DenySHosts


#EOF