1 --- openssh-4.6p1/sshd_config~ 2007-10-13 01:37:17.000000000 +0200
2 +++ openssh-4.6p1/sshd_config 2007-10-13 01:47:12.000000000 +0200
12 #IgnoreUserKnownHosts no
13 # Don't read the user's ~/.rhosts and ~/.shosts files
17 # To disable tunneled clear text passwords, change to no here!
18 #PasswordAuthentication yes
19 #PermitEmptyPasswords no
20 +PasswordAuthentication yes
21 +PermitEmptyPasswords no
23 # Change to no to disable s/key passwords
24 #ChallengeResponseAuthentication yes
27 #GSSAPIAuthentication no
28 #GSSAPICleanupCredentials yes
29 +GSSAPIAuthentication yes
30 +GSSAPICleanupCredentials yes
32 # Set this to 'yes' to enable PAM authentication, account processing,
33 # and session processing. If this is enabled, PAM authentication will
35 # If you just want the PAM account and session checks to run without
36 # PAM authentication, then enable this but set PasswordAuthentication
37 # and ChallengeResponseAuthentication to 'no'.
41 #AllowAgentForwarding yes
42 -#AllowTcpForwarding yes
44 +# http://securitytracker.com/alerts/2004/Sep/1011143.html
45 +AllowTcpForwarding no
50 # no default banner path
53 +# Accept locale-related environment variables, also accept some GIT vars
54 +AcceptEnv LANG LC_* LANGUAGE TZ GIT_AUTHOR_NAME GIT_AUTHOR_EMAIL GIT_COMMITTER_NAME GIT_COMMITTER_EMAIL
56 # override default of no subsystems
57 Subsystem sftp /usr/libexec/sftp-server
60 # override default of no subsystems
61 Subsystem sftp /usr/libexec/sftp-server
63 +# Uncomment this if you want to use .local domain
67 # Example of overriding settings on a per-user basis
70 --- openssh-4.6p1/ssh_config~ 2006-06-13 05:01:10.000000000 +0200
71 +++ openssh-4.6p1/ssh_config 2007-10-13 02:00:16.000000000 +0200
76 +# ForwardX11Trusted yes
77 # RhostsRSAAuthentication no
78 # RSAAuthentication yes
79 # PasswordAuthentication yes
80 # HostbasedAuthentication no
81 # GSSAPIAuthentication no
82 # GSSAPIDelegateCredentials no
83 +# GSSAPIKeyExchange no
90 # ProxyCommand ssh -q -W %h:%p gateway.example.com
94 + GSSAPIAuthentication yes
95 + GSSAPIDelegateCredentials no
98 +# If this option is set to yes then remote X11 clients will have full access
99 +# to the original X11 display. As virtually no X11 client supports the untrusted
100 +# mode correctly we set this to yes.
101 + ForwardX11Trusted yes
102 + StrictHostKeyChecking no
103 + ServerAliveInterval 60
104 + ServerAliveCountMax 10
106 +# Send locale-related environment variables, also pass some GIT vars
107 + SendEnv LANG LC_* LANGUAGE TZ GIT_AUTHOR_NAME GIT_AUTHOR_EMAIL GIT_COMMITTER_NAME GIT_COMMITTER_EMAIL