# Authentication:
#LoginGraceTime 2m
--#PermitRootLogin no
+-#PermitRootLogin prohibit-password
+PermitRootLogin no
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10
-@@ -50,10 +51,13 @@
+@@ -50,10 +51,16 @@
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes
#PermitEmptyPasswords no
+PasswordAuthentication yes
+PermitEmptyPasswords no
++
++# Allow DSA keys
++PubkeyAcceptedKeyTypes +ssh-dss
# Change to no to disable s/key passwords
#ChallengeResponseAuthentication yes
-@@ -66,6 +67,8 @@
+@@ -66,6 +70,8 @@
# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes
# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
-@@ -89,10 +89,12 @@
+@@ -89,10 +92,12 @@
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
#GatewayPorts no
#X11Forwarding no
#X11DisplayOffset 10
-@@ -106,6 +109,9 @@
+@@ -106,6 +112,9 @@
# no default banner path
#Banner /some/path
# override default of no subsystems
Subsystem sftp /usr/libexec/sftp-server
-@@ -119,6 +130,10 @@
+@@ -119,6 +133,10 @@
# override default of no subsystems
Subsystem sftp /usr/libexec/sftp-server
# BatchMode no
# CheckHostIP yes
# AddressFamily any
-@@ -42,3 +45,19 @@
+@@ -42,3 +45,22 @@
# VisualHostKey no
# ProxyCommand ssh -q -W %h:%p gateway.example.com
# RekeyLimit 1G 1h
+ ServerAliveInterval 60
+ ServerAliveCountMax 10
+ TCPKeepAlive no
++ # Allow DSA keys
++# PubkeyAcceptedKeyTypes +ssh-dss
++# HostkeyAlgorithms +ssh-dss
+# Send locale-related environment variables, also pass some GIT vars
+ SendEnv LANG LC_* LANGUAGE XMODIFIERS TZ GIT_AUTHOR_NAME GIT_AUTHOR_EMAIL GIT_COMMITTER_NAME GIT_COMMITTER_EMAIL
+ HashKnownHosts yes
projects / packages / openssh.git / blobdiff