## sshd2_config
## SSH 2.4 Server Configuration File
##

## General

	VerboseMode			no
#	QuietMode			yes
	AllowCshrcSourcingWithSubsystems	no
	ForcePTTYAllocation		no
	SyslogFacility			AUTH
#	SyslogFacility			LOCAL7

## Network

	Port 				22
	ListenAddress			0.0.0.0
	RequireReverseMapping		no
	MaxBroadcastsPerSecond		0
#	MaxBroadcastsPerSecond		1  
#	NoDelay				yes
#	KeepAlive			yes
#	MaxConnections			50
#	MaxConnections			0 
# 0 == number of connections not limited 


## Crypto

	Ciphers				AnyCipher
#	Ciphers				AnyStd
#	Ciphers				AnyStdCipher
#	Ciphers				3des
	MACs				AnyMAC
#	MACs				AnyStd
#	MACs				AnyStdMAC
#	RekeyIntervalSeconds		3600


## User

	PrintMotd			yes
	CheckMail			yes
	UserConfigDirectory		"%D/.ssh2"
#	UserConfigDirectory		"/etc/ssh2/auth/%U"
	UserKnownHosts			yes
#	LoginGraceTime			600
#	PermitEmptyPasswords		no
#	StrictModes			yes

## User public key authentication

	HostKeyFile			hostkey
	PublicHostKeyFile		hostkey.pub
	RandomSeedFile			random_seed
	IdentityFile			identification
	AuthorizationFile		authorization
	AllowAgentForwarding		yes


## Tunneling

	AllowX11Forwarding		yes
	AllowTcpForwarding		yes
#	AllowTcpForwardingForUsers	sjl, cowboyneal@slashdot.org
#	DenyTcpForwardingForUsers	"2[:isdigit:]*4, peelo"
#	AllowTcpForwardingForGroups	priviliged_tcp_forwarders
#	DenyTcpForwardingForGroups	coming_from_outside


## Authentication
## Hostbased and PAM are not enabled by default.

#	BannerMessageFile	        /etc/ssh2/ssh_banner_message
#	BannerMessageFile               /etc/issue.net
	PasswordGuesses			3
#	AllowedAuthentications		hostbased,publickey,password
#	AllowedAuthentications		publickey,pam-1@ssh.com
	AllowedAuthentications		publickey,password
#	RequiredAuthentications		publickey,password
#	SshPAMClientPath		ssh-pam-client

## Host restrictions

#	AllowHosts			localhost, foobar.com, friendly.org
#	DenyHosts			evil.org, aol.com
#	AllowSHosts			trusted.host.org
#	DenySHosts			not.quite.trusted.org
#	IgnoreRhosts			no
#	IgnoreRootRHosts		no
# (the above, if not set, is defaulted to the value of IgnoreRHosts)


## User restrictions

#	AllowUsers			"sj*,s[:isdigit:]##,s(jl|amza)"
#	DenyUsers			skuuppa,warezdude,31373
#	DenyUsers			don@untrusted.org
#	AllowGroups			staff,users
#	DenyGroups			guest
#	PermitRootLogin			nopwd
	PermitRootLogin			yes

## SSH1 compatibility

#	Ssh1Compatibility		<set by	configure by default>
#	Sshd1Path			<set by	configure by default>


## Chrooted environment

#	ChRootUsers			ftp,guest
#	ChRootGroups			guest


## subsystem definitions

	subsystem-sftp                  sftp-server
