LoginSignup
0
0

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?

More than 3 years have passed since last update.

@__simo__simo__

WindowsServer2016にOpenSSHをインストールしてみた。sshd_configファイルの中身

Posted at

sshd_configファイルの中身はこんな感じだった。

This is the sshd server system-wide configuration file. See

sshd_config(5) for more information.

The strategy used for options in the default sshd_config shipped with

OpenSSH is to specify options with their default value where

possible, but leave them commented. Uncommented options override the

default value.

Port 22

AddressFamily any

ListenAddress 0.0.0.0

ListenAddress ::

HostKey PROGRAMDATA/ssh/ssh_host_rsa_key

HostKey PROGRAMDATA/ssh/ssh_host_dsa_key

HostKey PROGRAMDATA/ssh/ssh_host_ecdsa_key

HostKey PROGRAMDATA/ssh/ssh_host_ed25519_key

Ciphers and keying

RekeyLimit default none

Logging

SyslogFacility AUTH

LogLevel INFO

Authentication:

LoginGraceTime 2m

PermitRootLogin prohibit-password

StrictModes yes

MaxAuthTries 6

MaxSessions 10

PubkeyAuthentication yes

The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2

but this is overridden so installations will only check .ssh/authorized_keys

AuthorizedKeysFile .ssh/authorized_keys

AuthorizedPrincipalsFile none

For this to work you will also need host keys in %programData%/ssh/ssh_known_hosts

HostbasedAuthentication no

Change to yes if you don't trust ~/.ssh/known_hosts for

HostbasedAuthentication

IgnoreUserKnownHosts no

Don't read the user's ~/.rhosts and ~/.shosts files

IgnoreRhosts yes

To disable tunneled clear text passwords, change to no here!

PasswordAuthentication yes

PermitEmptyPasswords no

GSSAPI options

GSSAPIAuthentication no

AllowAgentForwarding yes

AllowTcpForwarding yes

GatewayPorts no

PermitTTY yes

PrintMotd yes

PrintLastLog yes

TCPKeepAlive yes

UseLogin no

PermitUserEnvironment no

ClientAliveInterval 0

ClientAliveCountMax 3

UseDNS no

PidFile /var/run/sshd.pid

MaxStartups 10:30:100

PermitTunnel no

ChrootDirectory none

VersionAddendum none

no default banner path

Banner none

override default of no subsystems

Subsystem sftp sftp-server.exe

Example of overriding settings on a per-user basis

Match User anoncvs

AllowTcpForwarding no

PermitTTY no

ForceCommand cvs server

Match Group administrators
AuthorizedKeysFile PROGRAMDATA/ssh/administrators_authorized_keys

0
0
1

Register as a new user and use Qiita more conveniently

  1. You get articles that match your needs
  2. You can efficiently read back useful information
  3. You can use dark theme
What you can do with signing up
Sign upLogin
0
0

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?