1 --- openssh-4.6p1/sshd_config~ 2007-10-13 01:37:17.000000000 +0200
2 +++ openssh-4.6p1/sshd_config 2007-10-13 01:47:12.000000000 +0200
7 -#PermitRootLogin prohibit-password
13 # To disable tunneled clear text passwords, change to no here!
14 #PasswordAuthentication yes
15 #PermitEmptyPasswords no
18 +## PubkeyAcceptedKeyTypes +ssh-dss
20 # Change to no to disable s/key passwords
21 #ChallengeResponseAuthentication yes
24 #GSSAPIAuthentication no
25 #GSSAPICleanupCredentials yes
26 +GSSAPIAuthentication yes
28 # Set this to 'yes' to enable PAM authentication, account processing,
29 # and session processing. If this is enabled, PAM authentication will
31 # If you just want the PAM account and session checks to run without
32 # PAM authentication, then enable this but set PasswordAuthentication
33 # and ChallengeResponseAuthentication to 'no'.
37 #AllowAgentForwarding yes
38 -#AllowTcpForwarding yes
40 +# http://securitytracker.com/alerts/2004/Sep/1011143.html
41 +AllowTcpForwarding no
46 # no default banner path
49 +# Accept locale-related environment variables, also accept some GIT vars
50 +AcceptEnv LANG LC_* LANGUAGE XMODIFIERS TZ GIT_AUTHOR_NAME GIT_AUTHOR_EMAIL GIT_COMMITTER_NAME GIT_COMMITTER_EMAIL
52 # override default of no subsystems
53 Subsystem sftp /usr/libexec/sftp-server
56 # override default of no subsystems
57 Subsystem sftp /usr/libexec/sftp-server
59 +# Uncomment this if you want to use .local domain
63 # Example of overriding settings on a per-user basis
66 --- openssh-4.6p1/ssh_config~ 2006-06-13 05:01:10.000000000 +0200
67 +++ openssh-4.6p1/ssh_config 2007-10-13 02:00:16.000000000 +0200
72 +# ForwardX11Trusted yes
73 # RhostsRSAAuthentication no
74 # RSAAuthentication yes
75 # PasswordAuthentication yes
76 # HostbasedAuthentication no
77 # GSSAPIAuthentication no
78 # GSSAPIDelegateCredentials no
79 +# GSSAPIKeyExchange no
86 # ProxyCommand ssh -q -W %h:%p gateway.example.com
90 + GSSAPIAuthentication yes
91 + GSSAPIDelegateCredentials no
94 +# If this option is set to yes then remote X11 clients will have full access
95 +# to the original X11 display. As virtually no X11 client supports the untrusted
96 +# mode correctly we set this to yes.
97 + ForwardX11Trusted yes
98 + StrictHostKeyChecking no
99 + ServerAliveInterval 60
100 + ServerAliveCountMax 10
103 +# PubkeyAcceptedKeyTypes +ssh-dss
104 +# HostkeyAlgorithms +ssh-dss
105 +# Send locale-related environment variables, also pass some GIT vars
106 + SendEnv LANG LC_* LANGUAGE XMODIFIERS TZ GIT_AUTHOR_NAME GIT_AUTHOR_EMAIL GIT_COMMITTER_NAME GIT_COMMITTER_EMAIL