#PubkeyAuthentication yes
#AuthorizedKeysFile .ssh/authorized_keys
-# rhosts authentication should not be used
-RhostsAuthentication no
# Don't read the user's ~/.rhosts and ~/.shosts files
IgnoreRhosts yes
# For this to work you will also need host keys in /etc/ssh_known_hosts
# Kerberos TGT Passing only works with the AFS kaserver
#KerberosTgtPassing no
-# Set this to 'yes' to enable PAM keyboard-interactive authentication
-# Warning: enabling this may bypass the setting of 'PasswordAuthentication'
-#PAMAuthenticationViaKbdInt yes
+# Set this to 'yes' to enable PAM authentication (via challenge-response)
+# and session processing. Depending on your PAM configuration, this may
+# bypass the setting of 'PasswordAuthentication'
+UsePAM yes
X11Forwarding no
X11DisplayOffset 10