1.\" -*- nroff -*- 2.\" 3.\" Author: Tatu Ylonen <ylo@cs.hut.fi> 4.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 5.\" All rights reserved 6.\" 7.\" As far as I am concerned, the code I have written for this software 8.\" can be used freely for any purpose. Any derived versions of this 9.\" software must be clearly marked as such, and if the derived work is 10.\" incompatible with the protocol description in the RFC file, it must be 11.\" called by a name other than "ssh" or "Secure Shell". 12.\" 13.\" Copyright (c) 1999,2000 Markus Friedl. All rights reserved. 14.\" Copyright (c) 1999 Aaron Campbell. All rights reserved. 15.\" Copyright (c) 1999 Theo de Raadt. All rights reserved. 16.\" 17.\" Redistribution and use in source and binary forms, with or without 18.\" modification, are permitted provided that the following conditions 19.\" are met: 20.\" 1. Redistributions of source code must retain the above copyright 21.\" notice, this list of conditions and the following disclaimer. 22.\" 2. Redistributions in binary form must reproduce the above copyright 23.\" notice, this list of conditions and the following disclaimer in the 24.\" documentation and/or other materials provided with the distribution. 25.\" 26.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 27.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 28.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 29.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 30.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 31.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 32.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 33.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 34.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 35.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 36.\" 37.\" $OpenBSD: sshd_config.5,v 1.112 2009/11/10 02:58:56 djm Exp $ 38.Dd $Mdocdate: November 10 2009 $ 39.Dt SSHD_CONFIG 5 40.Os 41.Sh NAME 42.Nm sshd_config 43.Nd OpenSSH SSH daemon configuration file 44.Sh SYNOPSIS 45.Nm /etc/ssh/sshd_config 46.Sh DESCRIPTION 47.Xr sshd 8 48reads configuration data from 49.Pa /etc/ssh/sshd_config 50(or the file specified with 51.Fl f 52on the command line). 53The file contains keyword-argument pairs, one per line. 54Lines starting with 55.Ql # 56and empty lines are interpreted as comments. 57Arguments may optionally be enclosed in double quotes 58.Pq \&" 59in order to represent arguments containing spaces. 60.Pp 61The possible 62keywords and their meanings are as follows (note that 63keywords are case-insensitive and arguments are case-sensitive): 64.Bl -tag -width Ds 65.It Cm AcceptEnv 66Specifies what environment variables sent by the client will be copied into 67the session's 68.Xr environ 7 . 69See 70.Cm SendEnv 71in 72.Xr ssh_config 5 73for how to configure the client. 74Note that environment passing is only supported for protocol 2. 75Variables are specified by name, which may contain the wildcard characters 76.Ql * 77and 78.Ql \&? . 79Multiple environment variables may be separated by whitespace or spread 80across multiple 81.Cm AcceptEnv 82directives. 83Be warned that some environment variables could be used to bypass restricted 84user environments. 85For this reason, care should be taken in the use of this directive. 86The default is not to accept any environment variables. 87.It Cm AddressFamily 88Specifies which address family should be used by 89.Xr sshd 8 . 90Valid arguments are 91.Dq any , 92.Dq inet 93(use IPv4 only), or 94.Dq inet6 95(use IPv6 only). 96The default is 97.Dq any . 98.It Cm AllowAgentForwarding 99Specifies whether 100.Xr ssh-agent 1 101forwarding is permitted. 102The default is 103.Dq yes . 104Note that disabling agent forwarding does not improve security 105unless users are also denied shell access, as they can always install 106their own forwarders. 107.It Cm AllowGroups 108This keyword can be followed by a list of group name patterns, separated 109by spaces. 110If specified, login is allowed only for users whose primary 111group or supplementary group list matches one of the patterns. 112Only group names are valid; a numerical group ID is not recognized. 113By default, login is allowed for all groups. 114The allow/deny directives are processed in the following order: 115.Cm DenyUsers , 116.Cm AllowUsers , 117.Cm DenyGroups , 118and finally 119.Cm AllowGroups . 120.Pp 121See 122.Sx PATTERNS 123in 124.Xr ssh_config 5 125for more information on patterns. 126.It Cm AllowTcpForwarding 127Specifies whether TCP forwarding is permitted. 128The default is 129.Dq yes . 130Note that disabling TCP forwarding does not improve security unless 131users are also denied shell access, as they can always install their 132own forwarders. 133.It Cm AllowUsers 134This keyword can be followed by a list of user name patterns, separated 135by spaces. 136If specified, login is allowed only for user names that 137match one of the patterns. 138Only user names are valid; a numerical user ID is not recognized. 139By default, login is allowed for all users. 140If the pattern takes the form USER@HOST then USER and HOST 141are separately checked, restricting logins to particular 142users from particular hosts. 143The allow/deny directives are processed in the following order: 144.Cm DenyUsers , 145.Cm AllowUsers , 146.Cm DenyGroups , 147and finally 148.Cm AllowGroups . 149.Pp 150See 151.Sx PATTERNS 152in 153.Xr ssh_config 5 154for more information on patterns. 155.It Cm AuthorizedKeysFile 156Specifies the file that contains the public keys that can be used 157for user authentication. 158.Cm AuthorizedKeysFile 159may contain tokens of the form %T which are substituted during connection 160setup. 161The following tokens are defined: %% is replaced by a literal '%', 162%h is replaced by the home directory of the user being authenticated, and 163%u is replaced by the username of that user. 164After expansion, 165.Cm AuthorizedKeysFile 166is taken to be an absolute path or one relative to the user's home 167directory. 168The default is 169.Dq .ssh/authorized_keys . 170.It Cm Banner 171The contents of the specified file are sent to the remote user before 172authentication is allowed. 173If the argument is 174.Dq none 175then no banner is displayed. 176This option is only available for protocol version 2. 177By default, no banner is displayed. 178.It Cm ChallengeResponseAuthentication 179Specifies whether challenge-response authentication is allowed. 180All authentication styles from 181.Xr login.conf 5 182are supported. 183The default is 184.Dq yes . 185.It Cm ChrootDirectory 186Specifies a path to 187.Xr chroot 2 188to after authentication. 189This path, and all its components, must be root-owned directories that are 190not writable by any other user or group. 191After the chroot, 192.Xr sshd 8 193changes the working directory to the user's home directory. 194.Pp 195The path may contain the following tokens that are expanded at runtime once 196the connecting user has been authenticated: %% is replaced by a literal '%', 197%h is replaced by the home directory of the user being authenticated, and 198%u is replaced by the username of that user. 199.Pp 200The 201.Cm ChrootDirectory 202must contain the necessary files and directories to support the 203user's session. 204For an interactive session this requires at least a shell, typically 205.Xr sh 1 , 206and basic 207.Pa /dev 208nodes such as 209.Xr null 4 , 210.Xr zero 4 , 211.Xr stdin 4 , 212.Xr stdout 4 , 213.Xr stderr 4 , 214.Xr arandom 4 215and 216.Xr tty 4 217devices. 218For file transfer sessions using 219.Dq sftp , 220no additional configuration of the environment is necessary if the 221in-process sftp server is used, 222though sessions which use logging do require 223.Pa /dev/log 224inside the chroot directory (see 225.Xr sftp-server 8 226for details). 227.Pp 228The default is not to 229.Xr chroot 2 . 230.It Cm Ciphers 231Specifies the ciphers allowed for protocol version 2. 232Multiple ciphers must be comma-separated. 233The supported ciphers are 234.Dq 3des-cbc , 235.Dq aes128-cbc , 236.Dq aes192-cbc , 237.Dq aes256-cbc , 238.Dq aes128-ctr , 239.Dq aes192-ctr , 240.Dq aes256-ctr , 241.Dq arcfour128 , 242.Dq arcfour256 , 243.Dq arcfour , 244.Dq blowfish-cbc , 245and 246.Dq cast128-cbc . 247The default is: 248.Bd -literal -offset 3n 249aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128, 250aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc, 251aes256-cbc,arcfour 252.Ed 253.It Cm ClientAliveCountMax 254Sets the number of client alive messages (see below) which may be 255sent without 256.Xr sshd 8 257receiving any messages back from the client. 258If this threshold is reached while client alive messages are being sent, 259sshd will disconnect the client, terminating the session. 260It is important to note that the use of client alive messages is very 261different from 262.Cm TCPKeepAlive 263(below). 264The client alive messages are sent through the encrypted channel 265and therefore will not be spoofable. 266The TCP keepalive option enabled by 267.Cm TCPKeepAlive 268is spoofable. 269The client alive mechanism is valuable when the client or 270server depend on knowing when a connection has become inactive. 271.Pp 272The default value is 3. 273If 274.Cm ClientAliveInterval 275(see below) is set to 15, and 276.Cm ClientAliveCountMax 277is left at the default, unresponsive SSH clients 278will be disconnected after approximately 45 seconds. 279This option applies to protocol version 2 only. 280.It Cm ClientAliveInterval 281Sets a timeout interval in seconds after which if no data has been received 282from the client, 283.Xr sshd 8 284will send a message through the encrypted 285channel to request a response from the client. 286The default 287is 0, indicating that these messages will not be sent to the client. 288This option applies to protocol version 2 only. 289.It Cm Compression 290Specifies whether compression is allowed, or delayed until 291the user has authenticated successfully. 292The argument must be 293.Dq yes , 294.Dq delayed , 295or 296.Dq no . 297The default is 298.Dq delayed . 299.It Cm DenyGroups 300This keyword can be followed by a list of group name patterns, separated 301by spaces. 302Login is disallowed for users whose primary group or supplementary 303group list matches one of the patterns. 304Only group names are valid; a numerical group ID is not recognized. 305By default, login is allowed for all groups. 306The allow/deny directives are processed in the following order: 307.Cm DenyUsers , 308.Cm AllowUsers , 309.Cm DenyGroups , 310and finally 311.Cm AllowGroups . 312.Pp 313See 314.Sx PATTERNS 315in 316.Xr ssh_config 5 317for more information on patterns. 318.It Cm DenyUsers 319This keyword can be followed by a list of user name patterns, separated 320by spaces. 321Login is disallowed for user names that match one of the patterns. 322Only user names are valid; a numerical user ID is not recognized. 323By default, login is allowed for all users. 324If the pattern takes the form USER@HOST then USER and HOST 325are separately checked, restricting logins to particular 326users from particular hosts. 327The allow/deny directives are processed in the following order: 328.Cm DenyUsers , 329.Cm AllowUsers , 330.Cm DenyGroups , 331and finally 332.Cm AllowGroups . 333.Pp 334See 335.Sx PATTERNS 336in 337.Xr ssh_config 5 338for more information on patterns. 339.It Cm ForceCommand 340Forces the execution of the command specified by 341.Cm ForceCommand , 342ignoring any command supplied by the client and 343.Pa ~/.ssh/rc 344if present. 345The command is invoked by using the user's login shell with the -c option. 346This applies to shell, command, or subsystem execution. 347It is most useful inside a 348.Cm Match 349block. 350The command originally supplied by the client is available in the 351.Ev SSH_ORIGINAL_COMMAND 352environment variable. 353Specifying a command of 354.Dq internal-sftp 355will force the use of an in-process sftp server that requires no support 356files when used with 357.Cm ChrootDirectory . 358.It Cm GatewayPorts 359Specifies whether remote hosts are allowed to connect to ports 360forwarded for the client. 361By default, 362.Xr sshd 8 363binds remote port forwardings to the loopback address. 364This prevents other remote hosts from connecting to forwarded ports. 365.Cm GatewayPorts 366can be used to specify that sshd 367should allow remote port forwardings to bind to non-loopback addresses, thus 368allowing other hosts to connect. 369The argument may be 370.Dq no 371to force remote port forwardings to be available to the local host only, 372.Dq yes 373to force remote port forwardings to bind to the wildcard address, or 374.Dq clientspecified 375to allow the client to select the address to which the forwarding is bound. 376The default is 377.Dq no . 378.It Cm GSSAPIAuthentication 379Specifies whether user authentication based on GSSAPI is allowed. 380The default is 381.Dq no . 382Note that this option applies to protocol version 2 only. 383.It Cm GSSAPICleanupCredentials 384Specifies whether to automatically destroy the user's credentials cache 385on logout. 386The default is 387.Dq yes . 388Note that this option applies to protocol version 2 only. 389.It Cm HostbasedAuthentication 390Specifies whether rhosts or /etc/hosts.equiv authentication together 391with successful public key client host authentication is allowed 392(host-based authentication). 393This option is similar to 394.Cm RhostsRSAAuthentication 395and applies to protocol version 2 only. 396The default is 397.Dq no . 398.It Cm HostbasedUsesNameFromPacketOnly 399Specifies whether or not the server will attempt to perform a reverse 400name lookup when matching the name in the 401.Pa ~/.shosts , 402.Pa ~/.rhosts , 403and 404.Pa /etc/hosts.equiv 405files during 406.Cm HostbasedAuthentication . 407A setting of 408.Dq yes 409means that 410.Xr sshd 8 411uses the name supplied by the client rather than 412attempting to resolve the name from the TCP connection itself. 413The default is 414.Dq no . 415.It Cm HostKey 416Specifies a file containing a private host key 417used by SSH. 418The default is 419.Pa /etc/ssh/ssh_host_key 420for protocol version 1, and 421.Pa /etc/ssh/ssh_host_rsa_key 422and 423.Pa /etc/ssh/ssh_host_dsa_key 424for protocol version 2. 425Note that 426.Xr sshd 8 427will refuse to use a file if it is group/world-accessible. 428It is possible to have multiple host key files. 429.Dq rsa1 430keys are used for version 1 and 431.Dq dsa 432or 433.Dq rsa 434are used for version 2 of the SSH protocol. 435.It Cm IgnoreRhosts 436Specifies that 437.Pa .rhosts 438and 439.Pa .shosts 440files will not be used in 441.Cm RhostsRSAAuthentication 442or 443.Cm HostbasedAuthentication . 444.Pp 445.Pa /etc/hosts.equiv 446and 447.Pa /etc/shosts.equiv 448are still used. 449The default is 450.Dq yes . 451.It Cm IgnoreUserKnownHosts 452Specifies whether 453.Xr sshd 8 454should ignore the user's 455.Pa ~/.ssh/known_hosts 456during 457.Cm RhostsRSAAuthentication 458or 459.Cm HostbasedAuthentication . 460The default is 461.Dq no . 462.It Cm KerberosAuthentication 463Specifies whether the password provided by the user for 464.Cm PasswordAuthentication 465will be validated through the Kerberos KDC. 466To use this option, the server needs a 467Kerberos servtab which allows the verification of the KDC's identity. 468The default is 469.Dq no . 470.It Cm KerberosGetAFSToken 471If AFS is active and the user has a Kerberos 5 TGT, attempt to acquire 472an AFS token before accessing the user's home directory. 473The default is 474.Dq no . 475.It Cm KerberosOrLocalPasswd 476If password authentication through Kerberos fails then 477the password will be validated via any additional local mechanism 478such as 479.Pa /etc/passwd . 480The default is 481.Dq yes . 482.It Cm KerberosTicketCleanup 483Specifies whether to automatically destroy the user's ticket cache 484file on logout. 485The default is 486.Dq yes . 487.It Cm KeyRegenerationInterval 488In protocol version 1, the ephemeral server key is automatically regenerated 489after this many seconds (if it has been used). 490The purpose of regeneration is to prevent 491decrypting captured sessions by later breaking into the machine and 492stealing the keys. 493The key is never stored anywhere. 494If the value is 0, the key is never regenerated. 495The default is 3600 (seconds). 496.It Cm ListenAddress 497Specifies the local addresses 498.Xr sshd 8 499should listen on. 500The following forms may be used: 501.Pp 502.Bl -item -offset indent -compact 503.It 504.Cm ListenAddress 505.Sm off 506.Ar host No | Ar IPv4_addr No | Ar IPv6_addr 507.Sm on 508.It 509.Cm ListenAddress 510.Sm off 511.Ar host No | Ar IPv4_addr No : Ar port 512.Sm on 513.It 514.Cm ListenAddress 515.Sm off 516.Oo 517.Ar host No | Ar IPv6_addr Oc : Ar port 518.Sm on 519.El 520.Pp 521If 522.Ar port 523is not specified, 524sshd will listen on the address and all prior 525.Cm Port 526options specified. 527The default is to listen on all local addresses. 528Multiple 529.Cm ListenAddress 530options are permitted. 531Additionally, any 532.Cm Port 533options must precede this option for non-port qualified addresses. 534.It Cm LoginGraceTime 535The server disconnects after this time if the user has not 536successfully logged in. 537If the value is 0, there is no time limit. 538The default is 120 seconds. 539.It Cm LogLevel 540Gives the verbosity level that is used when logging messages from 541.Xr sshd 8 . 542The possible values are: 543QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3. 544The default is INFO. 545DEBUG and DEBUG1 are equivalent. 546DEBUG2 and DEBUG3 each specify higher levels of debugging output. 547Logging with a DEBUG level violates the privacy of users and is not recommended. 548.It Cm MACs 549Specifies the available MAC (message authentication code) algorithms. 550The MAC algorithm is used in protocol version 2 551for data integrity protection. 552Multiple algorithms must be comma-separated. 553The default is: 554.Bd -literal -offset indent 555hmac-md5,hmac-sha1,umac-64@openssh.com, 556hmac-ripemd160,hmac-sha1-96,hmac-md5-96 557.Ed 558.It Cm Match 559Introduces a conditional block. 560If all of the criteria on the 561.Cm Match 562line are satisfied, the keywords on the following lines override those 563set in the global section of the config file, until either another 564.Cm Match 565line or the end of the file. 566.Pp 567The arguments to 568.Cm Match 569are one or more criteria-pattern pairs. 570The available criteria are 571.Cm User , 572.Cm Group , 573.Cm Host , 574and 575.Cm Address . 576The match patterns may consist of single entries or comma-separated 577lists and may use the wildcard and negation operators described in the 578.Sx PATTERNS 579section of 580.Xr ssh_config 5 . 581.Pp 582The patterns in an 583.Cm Address 584criteria may additionally contain addresses to match in CIDR 585address/masklen format, e.g.\& 586.Dq 192.0.2.0/24 587or 588.Dq 3ffe:ffff::/32 . 589Note that the mask length provided must be consistent with the address - 590it is an error to specify a mask length that is too long for the address 591or one with bits set in this host portion of the address. 592For example, 593.Dq 192.0.2.0/33 594and 595.Dq 192.0.2.0/8 596respectively. 597.Pp 598Only a subset of keywords may be used on the lines following a 599.Cm Match 600keyword. 601Available keywords are 602.Cm AllowAgentForwarding , 603.Cm AllowTcpForwarding , 604.Cm Banner , 605.Cm ChrootDirectory , 606.Cm ForceCommand , 607.Cm GatewayPorts , 608.Cm GSSAPIAuthentication , 609.Cm HostbasedAuthentication , 610.Cm KbdInteractiveAuthentication , 611.Cm KerberosAuthentication , 612.Cm MaxAuthTries , 613.Cm MaxSessions , 614.Cm PasswordAuthentication , 615.Cm PermitEmptyPasswords , 616.Cm PermitOpen , 617.Cm PermitRootLogin , 618.Cm PubkeyAuthentication , 619.Cm RhostsRSAAuthentication , 620.Cm RSAAuthentication , 621.Cm X11DisplayOffset , 622.Cm X11Forwarding 623and 624.Cm X11UseLocalHost . 625.It Cm MaxAuthTries 626Specifies the maximum number of authentication attempts permitted per 627connection. 628Once the number of failures reaches half this value, 629additional failures are logged. 630The default is 6. 631.It Cm MaxSessions 632Specifies the maximum number of open sessions permitted per network connection. 633The default is 10. 634.It Cm MaxStartups 635Specifies the maximum number of concurrent unauthenticated connections to the 636SSH daemon. 637Additional connections will be dropped until authentication succeeds or the 638.Cm LoginGraceTime 639expires for a connection. 640The default is 10. 641.Pp 642Alternatively, random early drop can be enabled by specifying 643the three colon separated values 644.Dq start:rate:full 645(e.g. "10:30:60"). 646.Xr sshd 8 647will refuse connection attempts with a probability of 648.Dq rate/100 649(30%) 650if there are currently 651.Dq start 652(10) 653unauthenticated connections. 654The probability increases linearly and all connection attempts 655are refused if the number of unauthenticated connections reaches 656.Dq full 657(60). 658.It Cm PasswordAuthentication 659Specifies whether password authentication is allowed. 660The default is 661.Dq yes . 662.It Cm PermitEmptyPasswords 663When password authentication is allowed, it specifies whether the 664server allows login to accounts with empty password strings. 665The default is 666.Dq no . 667.It Cm PermitOpen 668Specifies the destinations to which TCP port forwarding is permitted. 669The forwarding specification must be one of the following forms: 670.Pp 671.Bl -item -offset indent -compact 672.It 673.Cm PermitOpen 674.Sm off 675.Ar host : port 676.Sm on 677.It 678.Cm PermitOpen 679.Sm off 680.Ar IPv4_addr : port 681.Sm on 682.It 683.Cm PermitOpen 684.Sm off 685.Ar \&[ IPv6_addr \&] : port 686.Sm on 687.El 688.Pp 689Multiple forwards may be specified by separating them with whitespace. 690An argument of 691.Dq any 692can be used to remove all restrictions and permit any forwarding requests. 693By default all port forwarding requests are permitted. 694.It Cm PermitRootLogin 695Specifies whether root can log in using 696.Xr ssh 1 . 697The argument must be 698.Dq yes , 699.Dq without-password , 700.Dq forced-commands-only , 701or 702.Dq no . 703The default is 704.Dq yes . 705.Pp 706If this option is set to 707.Dq without-password , 708password authentication is disabled for root. 709.Pp 710If this option is set to 711.Dq forced-commands-only , 712root login with public key authentication will be allowed, 713but only if the 714.Ar command 715option has been specified 716(which may be useful for taking remote backups even if root login is 717normally not allowed). 718All other authentication methods are disabled for root. 719.Pp 720If this option is set to 721.Dq no , 722root is not allowed to log in. 723.It Cm PermitTunnel 724Specifies whether 725.Xr tun 4 726device forwarding is allowed. 727The argument must be 728.Dq yes , 729.Dq point-to-point 730(layer 3), 731.Dq ethernet 732(layer 2), or 733.Dq no . 734Specifying 735.Dq yes 736permits both 737.Dq point-to-point 738and 739.Dq ethernet . 740The default is 741.Dq no . 742.It Cm PermitUserEnvironment 743Specifies whether 744.Pa ~/.ssh/environment 745and 746.Cm environment= 747options in 748.Pa ~/.ssh/authorized_keys 749are processed by 750.Xr sshd 8 . 751The default is 752.Dq no . 753Enabling environment processing may enable users to bypass access 754restrictions in some configurations using mechanisms such as 755.Ev LD_PRELOAD . 756.It Cm PidFile 757Specifies the file that contains the process ID of the 758SSH daemon. 759The default is 760.Pa /var/run/sshd.pid . 761.It Cm Port 762Specifies the port number that 763.Xr sshd 8 764listens on. 765The default is 22. 766Multiple options of this type are permitted. 767See also 768.Cm ListenAddress . 769.It Cm PrintLastLog 770Specifies whether 771.Xr sshd 8 772should print the date and time of the last user login when a user logs 773in interactively. 774The default is 775.Dq yes . 776.It Cm PrintMotd 777Specifies whether 778.Xr sshd 8 779should print 780.Pa /etc/motd 781when a user logs in interactively. 782(On some systems it is also printed by the shell, 783.Pa /etc/profile , 784or equivalent.) 785The default is 786.Dq yes . 787.It Cm Protocol 788Specifies the protocol versions 789.Xr sshd 8 790supports. 791The possible values are 792.Sq 1 793and 794.Sq 2 . 795Multiple versions must be comma-separated. 796The default is 797.Sq 2 . 798Note that the order of the protocol list does not indicate preference, 799because the client selects among multiple protocol versions offered 800by the server. 801Specifying 802.Dq 2,1 803is identical to 804.Dq 1,2 . 805.It Cm PubkeyAuthentication 806Specifies whether public key authentication is allowed. 807The default is 808.Dq yes . 809Note that this option applies to protocol version 2 only. 810.It Cm RDomain 811Set the routing domain number. 812The default routing domain is set by the system. 813.It Cm RhostsRSAAuthentication 814Specifies whether rhosts or /etc/hosts.equiv authentication together 815with successful RSA host authentication is allowed. 816The default is 817.Dq no . 818This option applies to protocol version 1 only. 819.It Cm RSAAuthentication 820Specifies whether pure RSA authentication is allowed. 821The default is 822.Dq yes . 823This option applies to protocol version 1 only. 824.It Cm ServerKeyBits 825Defines the number of bits in the ephemeral protocol version 1 server key. 826The minimum value is 512, and the default is 1024. 827.It Cm StrictModes 828Specifies whether 829.Xr sshd 8 830should check file modes and ownership of the 831user's files and home directory before accepting login. 832This is normally desirable because novices sometimes accidentally leave their 833directory or files world-writable. 834The default is 835.Dq yes . 836Note that this does not apply to 837.Cm ChrootDirectory , 838whose permissions and ownership are checked unconditionally. 839.It Cm Subsystem 840Configures an external subsystem (e.g. file transfer daemon). 841Arguments should be a subsystem name and a command (with optional arguments) 842to execute upon subsystem request. 843.Pp 844The command 845.Xr sftp-server 8 846implements the 847.Dq sftp 848file transfer subsystem. 849.Pp 850Alternately the name 851.Dq internal-sftp 852implements an in-process 853.Dq sftp 854server. 855This may simplify configurations using 856.Cm ChrootDirectory 857to force a different filesystem root on clients. 858.Pp 859By default no subsystems are defined. 860Note that this option applies to protocol version 2 only. 861.It Cm SyslogFacility 862Gives the facility code that is used when logging messages from 863.Xr sshd 8 . 864The possible values are: DAEMON, USER, AUTH, LOCAL0, LOCAL1, LOCAL2, 865LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7. 866The default is AUTH. 867.It Cm TCPKeepAlive 868Specifies whether the system should send TCP keepalive messages to the 869other side. 870If they are sent, death of the connection or crash of one 871of the machines will be properly noticed. 872However, this means that 873connections will die if the route is down temporarily, and some people 874find it annoying. 875On the other hand, if TCP keepalives are not sent, 876sessions may hang indefinitely on the server, leaving 877.Dq ghost 878users and consuming server resources. 879.Pp 880The default is 881.Dq yes 882(to send TCP keepalive messages), and the server will notice 883if the network goes down or the client host crashes. 884This avoids infinitely hanging sessions. 885.Pp 886To disable TCP keepalive messages, the value should be set to 887.Dq no . 888.It Cm UseDNS 889Specifies whether 890.Xr sshd 8 891should look up the remote host name and check that 892the resolved host name for the remote IP address maps back to the 893very same IP address. 894The default is 895.Dq yes . 896.It Cm UseLogin 897Specifies whether 898.Xr login 1 899is used for interactive login sessions. 900The default is 901.Dq no . 902Note that 903.Xr login 1 904is never used for remote command execution. 905Note also, that if this is enabled, 906.Cm X11Forwarding 907will be disabled because 908.Xr login 1 909does not know how to handle 910.Xr xauth 1 911cookies. 912If 913.Cm UsePrivilegeSeparation 914is specified, it will be disabled after authentication. 915.It Cm UsePrivilegeSeparation 916Specifies whether 917.Xr sshd 8 918separates privileges by creating an unprivileged child process 919to deal with incoming network traffic. 920After successful authentication, another process will be created that has 921the privilege of the authenticated user. 922The goal of privilege separation is to prevent privilege 923escalation by containing any corruption within the unprivileged processes. 924The default is 925.Dq yes . 926.It Cm X11DisplayOffset 927Specifies the first display number available for 928.Xr sshd 8 Ns 's 929X11 forwarding. 930This prevents sshd from interfering with real X11 servers. 931The default is 10. 932.It Cm X11Forwarding 933Specifies whether X11 forwarding is permitted. 934The argument must be 935.Dq yes 936or 937.Dq no . 938The default is 939.Dq no . 940.Pp 941When X11 forwarding is enabled, there may be additional exposure to 942the server and to client displays if the 943.Xr sshd 8 944proxy display is configured to listen on the wildcard address (see 945.Cm X11UseLocalhost 946below), though this is not the default. 947Additionally, the authentication spoofing and authentication data 948verification and substitution occur on the client side. 949The security risk of using X11 forwarding is that the client's X11 950display server may be exposed to attack when the SSH client requests 951forwarding (see the warnings for 952.Cm ForwardX11 953in 954.Xr ssh_config 5 ) . 955A system administrator may have a stance in which they want to 956protect clients that may expose themselves to attack by unwittingly 957requesting X11 forwarding, which can warrant a 958.Dq no 959setting. 960.Pp 961Note that disabling X11 forwarding does not prevent users from 962forwarding X11 traffic, as users can always install their own forwarders. 963X11 forwarding is automatically disabled if 964.Cm UseLogin 965is enabled. 966.It Cm X11UseLocalhost 967Specifies whether 968.Xr sshd 8 969should bind the X11 forwarding server to the loopback address or to 970the wildcard address. 971By default, 972sshd binds the forwarding server to the loopback address and sets the 973hostname part of the 974.Ev DISPLAY 975environment variable to 976.Dq localhost . 977This prevents remote hosts from connecting to the proxy display. 978However, some older X11 clients may not function with this 979configuration. 980.Cm X11UseLocalhost 981may be set to 982.Dq no 983to specify that the forwarding server should be bound to the wildcard 984address. 985The argument must be 986.Dq yes 987or 988.Dq no . 989The default is 990.Dq yes . 991.It Cm XAuthLocation 992Specifies the full pathname of the 993.Xr xauth 1 994program. 995The default is 996.Pa /usr/X11R6/bin/xauth . 997.El 998.Sh TIME FORMATS 999.Xr sshd 8 1000command-line arguments and configuration file options that specify time 1001may be expressed using a sequence of the form: 1002.Sm off 1003.Ar time Op Ar qualifier , 1004.Sm on 1005where 1006.Ar time 1007is a positive integer value and 1008.Ar qualifier 1009is one of the following: 1010.Pp 1011.Bl -tag -width Ds -compact -offset indent 1012.It Aq Cm none 1013seconds 1014.It Cm s | Cm S 1015seconds 1016.It Cm m | Cm M 1017minutes 1018.It Cm h | Cm H 1019hours 1020.It Cm d | Cm D 1021days 1022.It Cm w | Cm W 1023weeks 1024.El 1025.Pp 1026Each member of the sequence is added together to calculate 1027the total time value. 1028.Pp 1029Time format examples: 1030.Pp 1031.Bl -tag -width Ds -compact -offset indent 1032.It 600 1033600 seconds (10 minutes) 1034.It 10m 103510 minutes 1036.It 1h30m 10371 hour 30 minutes (90 minutes) 1038.El 1039.Sh FILES 1040.Bl -tag -width Ds 1041.It Pa /etc/ssh/sshd_config 1042Contains configuration data for 1043.Xr sshd 8 . 1044This file should be writable by root only, but it is recommended 1045(though not necessary) that it be world-readable. 1046.El 1047.Sh SEE ALSO 1048.Xr sshd 8 1049.Sh AUTHORS 1050OpenSSH is a derivative of the original and free 1051ssh 1.2.12 release by Tatu Ylonen. 1052Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, 1053Theo de Raadt and Dug Song 1054removed many bugs, re-added newer features and 1055created OpenSSH. 1056Markus Friedl contributed the support for SSH 1057protocol versions 1.5 and 2.0. 1058Niels Provos and Markus Friedl contributed support 1059for privilege separation. 1060