# Package generated configuration file# See the sshd(8) manpage for details
# What ports, IPs and protocols we listen forPort 22# Use these options to restrict which interfaces/protocols sshd will bind to#ListenAddress ::ListenAddress 10.0.0.10Protocol 2# HostKeys for protocol version 2HostKey /etc/ssh/ssh_host_rsa_keyHostKey /etc/ssh/ssh_host_dsa_key#Privilege Separation is turned on for securityUsePrivilegeSeparation yes
# Lifetime and size of ephemeral version 1 server keyKeyRegenerationInterval 3600ServerKeyBits 768
# LoggingSyslogFacility AUTHLogLevel INFO
# Authentication:LoginGraceTime 600PermitRootLogin yesStrictModes yes
RSAAuthentication yesPubkeyAuthentication yesAuthorizedKeysFile %h/.ssh/authorized_keys
# Don't read the user's ~/.rhosts and ~/.shosts filesIgnoreRhosts yes# For this to work you will also need host keys in /etc/ssh_known_hostsRhostsRSAAuthentication no# similar for protocol version 2HostbasedAuthentication no# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication#IgnoreUserKnownHosts yes
# To enable empty passwords, change to yes (NOT RECOMMENDED)PermitEmptyPasswords yes
# Change to no to disable s/key passwords#ChallengeResponseAuthentication yes
# Change to yes to enable tunnelled clear text passwordsPasswordAuthentication no
# To change Kerberos options#KerberosAuthentication no#KerberosOrLocalPasswd yes#AFSTokenPassing no#KerberosTicketCleanup no
# Kerberos TGT Passing does only work with the AFS kaserver#KerberosTgtPassing yes
X11Forwarding noX11DisplayOffset 10PrintMotd noPrintLastLog yesKeepAlive yes#UseLogin no
#MaxStartups 10:30:60#Banner /etc/issue.net
Subsystem sftp /usr/lib/sftp-server
UsePAM yes