# default value.
Port 22
-Protocol 1,2
+Protocol 2
+#Protocol 2,1
#ListenAddress 0.0.0.0
#ListenAddress ::
#PubkeyAuthentication yes
#AuthorizedKeysFile .ssh/authorized_keys
-# rhosts authentication should not be used
-RhostsAuthentication no
# Don't read the user's ~/.rhosts and ~/.shosts files
IgnoreRhosts yes
# For this to work you will also need host keys in /etc/ssh_known_hosts
# bypass the setting of 'PasswordAuthentication'
UsePAM yes
+# Set this to 'yes' to enable support for chrooted user environment.
+# You must create such environment before you can use this feature.
+#UseChroot yes
+
X11Forwarding no
X11DisplayOffset 10
X11UseLocalhost yes
#VerifyReverseMapping no
# override default of no subsystems
-#Subsystem sftp /usr/lib/openssh/sftp-server
+Subsystem sftp /usr/lib/openssh/sftp-server
+
+# Security advisory:
+# http://securitytracker.com/alerts/2004/Sep/1011143.html
+AllowTcpForwarding no