Package generated configuration file See the sshd_config(5) manpage for details
# What ports, IPs and protocols we listen for Port 22 Use these options to restrict which interfaces/protocols sshd will bind to
#ListenAddress :: #ListenAddress 0.0.0.0 Protocol 2 HostKeys for protocol version 2
HostKey /etc/ssh/ssh_host_rsa_key HostKey /etc/ssh/ssh_host_dsa_key HostKey /etc/ssh/ssh_host_ecdsa_key HostKey /etc/ssh/ssh_host_ed25519_key #Privilege Separation is turned on for security UsePrivilegeSeparation yes # Lifetime and size of ephemeral version 1 server key KeyRegenerationInterval 3600 ServerKeyBits 1024 # Logging SyslogFacility AUTH LogLevel INFO # Authentication: LoginGraceTime 120 PermitRootLogin without-password StrictModes yes RSAAuthentication yes PubkeyAuthentication yes #AuthorizedKeysFile %h/.ssh/authorized_keys # Don’t read the user’s ~/.rhosts and ~/.shosts files IgnoreRhosts yes For this to work you will also need host keys in /etc/ssh_known_hosts
RhostsRSAAuthentication no similar for protocol version 2
HostbasedAuthentication no Uncomment if you don’t trust ~/.ssh/known_hosts for RhostsRSAAuthentication