1*268abfe9Schristos# $NetBSD: sshd_config.in,v 1.3 2017/05/22 21:22:30 christos Exp $ 27f396ca7Spooka 37f396ca7Spooka# Basic settings. 47f396ca7SpookaPort 10000 57f396ca7SpookaProtocol 2 67f396ca7Spooka 77f396ca7Spooka# Provide information to the user in case something goes wrong. 87f396ca7SpookaLogLevel DEBUG1 97f396ca7Spooka 107f396ca7Spooka# The host key. It lives in the work directory because we need to set 117f396ca7Spooka# very strict permissions on it and cannot modify the copy on the source 127f396ca7Spooka# directory. 137f396ca7SpookaHostKey @WORKDIR@/ssh_host_key 147f396ca7Spooka 157f396ca7Spooka# The authorized keys file we set up during the test to allow the client 167f396ca7Spooka# to safely log in. We need to disable strict modes because ATF_WORKDIR 177f396ca7Spooka# usually lives in /tmp, which has 1777 permissions and are not liked by 187f396ca7Spooka# sshd. 197f396ca7SpookaAuthorizedKeysFile @WORKDIR@/authorized_keys 207f396ca7SpookaStrictModes no 217f396ca7Spooka 227f396ca7Spooka# Some settings to allow user runs of sshd. 23bec0b44fSpookaPidFile @WORKDIR@/sshd.pid 247f396ca7SpookaSubsystem sftp @WORKDIR@/sftp-server 257f396ca7SpookaUsePam no 267f396ca7Spooka 277f396ca7Spooka# The root user should also be able to run the tests. 287f396ca7SpookaPermitRootLogin yes 297f396ca7Spooka 307f396ca7Spooka# Be restrictive about access to the temporary server. Only allow key-based 317f396ca7Spooka# authentication. 327f396ca7SpookaChallengeResponseAuthentication no 337f396ca7SpookaGSSAPIAuthentication no 347f396ca7SpookaHostbasedAuthentication no 357f396ca7SpookaKerberosAuthentication no 367f396ca7SpookaMaxAuthTries 1 377f396ca7SpookaMaxStartups 1 387f396ca7SpookaPasswordAuthentication no 397f396ca7SpookaPubkeyAuthentication yes 40