{"id":354,"date":"2021-07-23T12:28:21","date_gmt":"2021-07-23T12:28:21","guid":{"rendered":"https:\/\/ssdsunucum.com\/blog\/how-to-secure-ssh\/"},"modified":"2021-07-23T12:28:21","modified_gmt":"2021-07-23T12:28:21","slug":"how-to-secure-ssh","status":"publish","type":"post","link":"https:\/\/ssdsunucum.com\/blog\/how-to-secure-ssh\/","title":{"rendered":"How to Secure SSH"},"content":{"rendered":"<\/p>\n<div class=\"col-md-9\">\n<div class=\"flex-column flex-md-row article-header\"><\/div>\n<hr>\n<h2 id=\"overview\">Overview<\/h2>\n<p>This document lists several helpful changes that you can make to your server to improve SSH security. We <strong>strongly<\/strong> recommend that you restrict and properly configure Secure Shell (SSH) access in order to secure your server.<\/p>\n<h2 id=\"be-careful-who-you-grant-ssh-access-to\">Be careful who you grant SSH access to<\/h2>\n<p>If a user does not need SSH access, do <strong>not<\/strong> grant them access. To remove a user\u2019s SSH access, use WHM\u2019s <em>Manage Shell Access<\/em> interface (<em>WHM<\/em> &gt;&gt; <em>Home<\/em> &gt;&gt; <em>Account Functions<\/em> &gt;&gt; <em>Manage Shell Access<\/em>).<\/p>\n<p>Some users may need SSH access, but only need access to files in their home directory. We recommend that you assign a jailed shell environment to these users. For more information about jailed shells, read our VirtFS &#8211; Jailed Shell documentation.<\/p>\n<h2 id=\"set-an-ssh-legal-message\">Set an SSH Legal Message<\/h2>\n<p>The system can display an SSH legal message (message of the day, or <code>motd<\/code>) whenever someone logs in to your server through SSH.<\/p>\n<p>To set the message, use your preferred text editor to edit the <code>\/etc\/motd<\/code> file and save your changes. For example, one of our technical analysts uses the following message:<\/p>\n<div class=\"highlight\">\n<div style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4\">\n<table style=\"border-spacing:0;padding:0;margin:0;border:0;width:auto;overflow:auto;display:block;\">\n<tr>\n<td style=\"vertical-align:top;padding:0;margin:0;border:0;\">\n<pre style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4\"><code class=\"language-GO\" data-lang=\"GO\"><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">1\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">2\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">3\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">4\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">5\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">6\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">7\n<\/span><\/code><\/pre>\n<\/td>\n<td style=\"vertical-align:top;padding:0;margin:0;border:0;;width:100%\">\n<pre style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4\"><code class=\"language-GO\" data-lang=\"GO\"><span style=\"color:#a6e22e\">ALERT<\/span>! <span style=\"color:#a6e22e\">You<\/span> <span style=\"color:#a6e22e\">have<\/span> <span style=\"color:#a6e22e\">entered<\/span> <span style=\"color:#a6e22e\">a<\/span> <span style=\"color:#a6e22e\">secured<\/span> <span style=\"color:#a6e22e\">area<\/span>! <span style=\"color:#a6e22e\">The<\/span> <span style=\"color:#a6e22e\">system<\/span> <span style=\"color:#a6e22e\">has<\/span> <span style=\"color:#a6e22e\">recorded<\/span>\n<span style=\"color:#a6e22e\">your<\/span> <span style=\"color:#a6e22e\">IP<\/span> <span style=\"color:#a6e22e\">and<\/span> <span style=\"color:#a6e22e\">login<\/span> <span style=\"color:#a6e22e\">information<\/span>, <span style=\"color:#a6e22e\">and<\/span> <span style=\"color:#a6e22e\">it<\/span> <span style=\"color:#a6e22e\">has<\/span> <span style=\"color:#a6e22e\">notified<\/span> <span style=\"color:#a6e22e\">the<\/span> <span style=\"color:#a6e22e\">administrator<\/span>.\n\n<span style=\"color:#a6e22e\">This<\/span> <span style=\"color:#a6e22e\">system<\/span> <span style=\"color:#a6e22e\">is<\/span> <span style=\"color:#a6e22e\">restricted<\/span> <span style=\"color:#a6e22e\">to<\/span> <span style=\"color:#a6e22e\">authorized<\/span> <span style=\"color:#a6e22e\">access<\/span> <span style=\"color:#a6e22e\">only<\/span>. <span style=\"color:#a6e22e\">All<\/span> <span style=\"color:#a6e22e\">activities<\/span> <span style=\"color:#a6e22e\">on<\/span>\n<span style=\"color:#a6e22e\">this<\/span> <span style=\"color:#a6e22e\">system<\/span> <span style=\"color:#a6e22e\">are<\/span> <span style=\"color:#a6e22e\">recorded<\/span> <span style=\"color:#a6e22e\">and<\/span> <span style=\"color:#a6e22e\">logged<\/span>. <span style=\"color:#a6e22e\">The<\/span> <span style=\"color:#a6e22e\">system<\/span> <span style=\"color:#a6e22e\">administrator<\/span> <span style=\"color:#a6e22e\">will<\/span> <span style=\"color:#a6e22e\">fully<\/span>\n<span style=\"color:#a6e22e\">investigate<\/span> <span style=\"color:#a6e22e\">and<\/span> <span style=\"color:#a6e22e\">report<\/span> <span style=\"color:#a6e22e\">unauthorized<\/span> <span style=\"color:#a6e22e\">activity<\/span> <span style=\"color:#a6e22e\">to<\/span> <span style=\"color:#a6e22e\">the<\/span> <span style=\"color:#a6e22e\">appropriate<\/span> <span style=\"color:#a6e22e\">law<\/span>\n<span style=\"color:#a6e22e\">enforcement<\/span> <span style=\"color:#a6e22e\">agencies<\/span>.<\/code><\/pre>\n<\/td>\n<\/tr>\n<\/table>\n<\/div>\n<\/div>\n<h2 id=\"use-ssh-keys\">Use SSH Keys<\/h2>\n<p>You can disable password authentication for SSH on your server, which will force users to log in through SSH with keys instead of passwords.<\/p>\n<p>To do this, perform the following:<\/p>\n<ol>\n<li>\n<p>Use WHM\u2019s <em>Manage root\u2019s SSH Keys<\/em> interface (<em>WHM<\/em> &gt;&gt; <em>Home<\/em> &gt;&gt; <em>Security Center<\/em> &gt;&gt; <em>Manage root\u2019s SSH Keys<\/em>) to generate and download a key for the root user.<\/p>\n<\/li>\n<li>\n<p>Use WHM\u2019s <em>SSH Password Authorization Tweak<\/em> interface (<em>WHM<\/em> &gt;&gt; <em>Home<\/em> &gt;&gt; <em>Security Center<\/em> &gt;&gt; <em>SSH Password Authorization Tweak<\/em>) to disable password authentication for SSH.<\/p>\n<\/li>\n<\/ol>\n<h2 id=\"strengthen-ssh-security\">Strengthen SSH security<\/h2>\n<p>The <code>\/etc\/ssh\/sshd_config<\/code> file contains your server\u2019s configuration settings for SSH. We recommend that you change the following settings:<\/p>\n<ul>\n<li>\n<p><code>Port<\/code> \u2014 The port number on which the <code>sshd<\/code> daemon listens for connections. The highest acceptable value is <code>49151<\/code>.<\/p>\n<div class=\"callout callout-info\">\n<div class=\"callout-heading\">Note:<\/div>\n<div class=\"callout-content\">\n<p>We recommend that you use a privileged port of <code>1<\/code> &#8211; <code>1023<\/code> that another service does <strong>not<\/strong> currently use. Only the <code>root<\/code> user can bind to ports <code>1<\/code> &#8211; <code>1023<\/code>. Anyone can use the unprivileged ports of <code>1024<\/code> and greater.<\/p>\n<\/p><\/div>\n<\/div>\n<\/li>\n<li>\n<p><code>Protocol<\/code> \u2014 The SSH protocol that your server uses. We recommend that you change this value to <code>2<\/code>.<\/p>\n<\/li>\n<li>\n<p><code>ListenAddress<\/code> \u2014 The IP address on which the <code>sshd<\/code> daemon listens for connections. Your server <strong>must<\/strong> own this IP address. We <strong>strongly<\/strong> recommend that you do not use your main shared IP address for this value. You can create a custom DNS entry specifically for the new SSH IP address. To do so, create a zone file (for example, <code>ssh.example.com<\/code>) and add an A entry to the zone file for the new nameserver entry.<\/p>\n<\/li>\n<li>\n<p><code>PermitRootLogin<\/code> \u2014 This option specifies whether you wish to allow people to directly log in to SSH as the <code>root<\/code> user. We strongly recommend that you set this value to <code>no<\/code>.<\/p>\n<\/li>\n<\/ul>\n<h4 id=\"edit-the-sshd-config-file\">Edit the sshd_config file<\/h4>\n<p>To configure the <code>\/etc\/ssh\/sshd_config<\/code> file in order to tighten your server\u2019s security, perform the following steps:<\/p>\n<div class=\"callout callout-info\">\n<div class=\"callout-heading\">Note:<\/div>\n<div class=\"callout-content\">\n<p>For CentOS 7 and 8, CloudLinux\u2122 7 and 8, AlmaLinux 8, and RHEL 7 firewall management, we recommend that you manage your server\u2019s firewall with the <code>\/etc\/firewalld\/services\/cpanel.xml<\/code> file. You can read more about this file in our How to Configure Your Firewall for cPanel &#038; WHM Services documentation.<\/p>\n<\/p><\/div>\n<\/div>\n<ol>\n<li>\n<p>Log in to your server as the <code>root<\/code> user via SSH. If your server does <strong>not<\/strong> allow direct <code>root<\/code> logins to SSH, log in as your wheel user and use the <code>su<\/code> command to become the <code>root<\/code> user.<\/p>\n<\/li>\n<li>\n<p>Back up the <code>sshd_config<\/code> file with the following command:\n<\/p>\n<div class=\"highlight\">\n<pre style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4\"><code class=\"language-GO\" data-lang=\"GO\"><span style=\"color:#a6e22e\">cp<\/span> <span style=\"color:#f92672\">\/<\/span><span style=\"color:#a6e22e\">etc<\/span><span style=\"color:#f92672\">\/<\/span><span style=\"color:#a6e22e\">ssh<\/span><span style=\"color:#f92672\">\/<\/span><span style=\"color:#a6e22e\">sshd_config<\/span> <span style=\"color:#f92672\">\/<\/span><span style=\"color:#a6e22e\">etc<\/span><span style=\"color:#f92672\">\/<\/span><span style=\"color:#a6e22e\">ssh<\/span><span style=\"color:#f92672\">\/<\/span><span style=\"color:#a6e22e\">sshd_config<\/span>.<span style=\"color:#a6e22e\">bak<\/span><span style=\"color:#e6db74\">`date +%F`<\/span><\/code><\/pre>\n<\/div>\n<\/li>\n<li>\n<p>Open the <code>\/etc\/ssh\/sshd_config<\/code> file with a text editor.<\/p>\n<\/li>\n<li>\n<p>To change a parameter in the <code>sshd_config<\/code> file, uncomment the line that contains the parameter. To do this, remove the number-sign character (<code>#<\/code>) and change the value for the line.<\/p>\n<div class=\"callout callout-warning\">\n<div class=\"callout-heading\">Important:<\/div>\n<div class=\"callout-content\">\n<p>If you change the default SSH port, you <strong>must<\/strong> update your server\u2019s firewall configuration to allow traffic to the new port. For more information about firewall configuration, read our How to Configure Your Firewall for cPanel &#038; WHM Services documentation.<\/p>\n<\/p><\/div>\n<\/div>\n<p>For example, the default SSH port appears in a line similar to the following example:<\/p>\n<div class=\"highlight\">\n<pre style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4\"><code class=\"language-GO\" data-lang=\"GO\"><span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">Port<\/span> <span style=\"color:#ae81ff\">22<\/span><\/code><\/pre>\n<\/div>\n<p>To change the SSH port to <code>456<\/code>, edit that line to resemble the following example:<\/p>\n<div class=\"highlight\">\n<pre style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4\"><code class=\"language-GO\" data-lang=\"GO\"><span style=\"color:#a6e22e\">Port<\/span> <span style=\"color:#ae81ff\">456<\/span><\/code><\/pre>\n<\/div>\n<\/li>\n<\/ol>\n<p>After you configure SSH, run the <code>\/scripts\/restart_sshd<\/code> script or the <code>service sshd restart<\/code> command to restart the SSH daemon.<\/p>\n<p>After you restart SSH, log out of your server and log in again with the user, IP address, and port number that you specified in the <code>sshd_config<\/code> file.<\/p>\n<div class=\"callout callout-danger\">\n<div class=\"callout-heading\">Warning:<\/div>\n<div class=\"callout-content\">\n<p>If you accidentally misconfigure your SSH configuration file, navigate to the following link in your web browser (where <code>example.com<\/code> represents the server\u2019s hostname or main IP address):<\/p>\n<div class=\"highlight\">\n<pre style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4\"><code class=\"language-GO\" data-lang=\"GO\"><span style=\"color:#a6e22e\">https<\/span>:<span style=\"color:#f92672\">\/\/<\/span><span style=\"color:#a6e22e\">example<\/span>.<span style=\"color:#a6e22e\">com<\/span>:<span style=\"color:#ae81ff\">2087<\/span><span style=\"color:#f92672\">\/<\/span><span style=\"color:#a6e22e\">scripts2<\/span><span style=\"color:#f92672\">\/<\/span><span style=\"color:#a6e22e\">doautofixer<\/span><span style=\"color:#960050;background-color:#1e0010\">?<\/span><span style=\"color:#a6e22e\">autofix<\/span>=<span style=\"color:#a6e22e\">safesshrestart<\/span><\/code><\/pre>\n<\/div><\/div>\n<\/div>\n<h4 id=\"example-sshd-config-file\">Example sshd_config File<\/h4>\n<div class=\"callout callout-danger\">\n<div class=\"callout-heading\">Warning:<\/div>\n<div class=\"callout-content\">\n<p>Do <strong>not<\/strong> copy the the example file below and attempt to use it on your server. It will break your SSH service configuration. This file is <strong>only<\/strong> an example.<\/p>\n<\/p><\/div>\n<\/div>\n<div class=\"collapse-wrapper\">\n<p>        Click to view&#8230;<\/p>\n<div class=\"collapse\" id=\"click-to-view---1626990045153699085\">\n<div class=\"card card-body\">\n<div class=\"highlight\">\n<div style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4\">\n<table style=\"border-spacing:0;padding:0;margin:0;border:0;width:auto;overflow:auto;display:block;\">\n<tr>\n<td style=\"vertical-align:top;padding:0;margin:0;border:0;\">\n<pre style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4\"><code class=\"language-go\" data-lang=\"go\"><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">  1\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">  2\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">  3\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">  4\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">  5\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">  6\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">  7\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">  8\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">  9\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 10\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 11\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 12\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 13\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 14\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 15\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 16\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 17\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 18\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 19\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 20\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 21\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 22\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 23\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 24\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 25\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 26\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 27\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 28\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 29\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 30\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 31\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 32\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 33\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 34\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 35\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 36\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 37\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 38\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 39\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 40\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 41\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 42\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 43\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 44\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 45\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 46\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 47\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 48\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 49\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 50\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 51\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 52\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 53\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 54\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 55\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 56\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 57\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 58\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 59\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 60\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 61\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 62\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 63\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 64\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 65\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 66\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 67\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 68\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 69\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 70\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 71\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 72\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 73\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 74\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 75\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 76\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 77\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 78\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 79\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 80\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 81\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 82\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 83\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 84\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 85\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 86\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 87\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 88\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 89\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 90\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 91\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 92\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 93\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 94\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 95\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 96\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 97\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 98\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\"> 99\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">100\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">101\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">102\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">103\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">104\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">105\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">106\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">107\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">108\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">109\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">110\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">111\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">112\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">113\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">114\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">115\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">116\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">117\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">118\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">119\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">120\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">121\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">122\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">123\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">124\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">125\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">126\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">127\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">128\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">129\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">130\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">131\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">132\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">133\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">134\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">135\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">136\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">137\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">138\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">139\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">140\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">141\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">142\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">143\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">144\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">145\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">146\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">147\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">148\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">149\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">150\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">151\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">152\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">153\n<\/span><span style=\"margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f\">154\n<\/span><\/code><\/pre>\n<\/td>\n<td style=\"vertical-align:top;padding:0;margin:0;border:0;;width:100%\">\n<pre style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4\"><code class=\"language-go\" data-lang=\"go\"><span style=\"color:#960050;background-color:#1e0010\">#<\/span>   <span style=\"color:#960050;background-color:#1e0010\">$<\/span><span style=\"color:#a6e22e\">OpenBSD<\/span>: <span style=\"color:#a6e22e\">sshd_config<\/span>,<span style=\"color:#a6e22e\">v<\/span> <span style=\"color:#ae81ff\">1.93<\/span> <span style=\"color:#ae81ff\">2014<\/span><span style=\"color:#f92672\">\/<\/span><span style=\"color:#ae81ff\">01<\/span><span style=\"color:#f92672\">\/<\/span><span style=\"color:#ae81ff\">10<\/span> <span style=\"color:#ae81ff\">05<\/span>:<span style=\"color:#ae81ff\">59<\/span>:<span style=\"color:#ae81ff\">19<\/span> <span style=\"color:#a6e22e\">djm<\/span> <span style=\"color:#a6e22e\">Exp<\/span> <span style=\"color:#960050;background-color:#1e0010\">$<\/span>\n\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span> <span style=\"color:#a6e22e\">This<\/span> <span style=\"color:#a6e22e\">is<\/span> <span style=\"color:#a6e22e\">the<\/span> <span style=\"color:#a6e22e\">sshd<\/span> <span style=\"color:#a6e22e\">server<\/span> <span style=\"color:#a6e22e\">system<\/span><span style=\"color:#f92672\">-<\/span><span style=\"color:#a6e22e\">wide<\/span> <span style=\"color:#a6e22e\">configuration<\/span> <span style=\"color:#a6e22e\">file<\/span>.  <span style=\"color:#a6e22e\">See<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span> <span style=\"color:#a6e22e\">sshd_config<\/span>(<span style=\"color:#ae81ff\">5<\/span>) <span style=\"color:#66d9ef\">for<\/span> <span style=\"color:#a6e22e\">more<\/span> <span style=\"color:#a6e22e\">information<\/span>.\n\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span> <span style=\"color:#a6e22e\">This<\/span> <span style=\"color:#a6e22e\">sshd<\/span> <span style=\"color:#a6e22e\">was<\/span> <span style=\"color:#a6e22e\">compiled<\/span> <span style=\"color:#a6e22e\">with<\/span> <span style=\"color:#a6e22e\">PATH<\/span>=<span style=\"color:#f92672\">\/<\/span><span style=\"color:#a6e22e\">usr<\/span><span style=\"color:#f92672\">\/<\/span><span style=\"color:#a6e22e\">local<\/span><span style=\"color:#f92672\">\/<\/span><span style=\"color:#a6e22e\">bin<\/span>:<span style=\"color:#f92672\">\/<\/span><span style=\"color:#a6e22e\">usr<\/span><span style=\"color:#f92672\">\/<\/span><span style=\"color:#a6e22e\">bin<\/span>\n\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span> <span style=\"color:#a6e22e\">The<\/span> <span style=\"color:#a6e22e\">strategy<\/span> <span style=\"color:#a6e22e\">used<\/span> <span style=\"color:#66d9ef\">for<\/span> <span style=\"color:#a6e22e\">options<\/span> <span style=\"color:#a6e22e\">in<\/span> <span style=\"color:#a6e22e\">the<\/span> <span style=\"color:#66d9ef\">default<\/span> <span style=\"color:#a6e22e\">sshd_config<\/span> <span style=\"color:#a6e22e\">shipped<\/span> <span style=\"color:#a6e22e\">with<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span> <span style=\"color:#a6e22e\">OpenSSH<\/span> <span style=\"color:#a6e22e\">is<\/span> <span style=\"color:#a6e22e\">to<\/span> <span style=\"color:#a6e22e\">specify<\/span> <span style=\"color:#a6e22e\">options<\/span> <span style=\"color:#a6e22e\">with<\/span> <span style=\"color:#a6e22e\">their<\/span> <span style=\"color:#66d9ef\">default<\/span> <span style=\"color:#a6e22e\">value<\/span> <span style=\"color:#a6e22e\">where<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span> <span style=\"color:#a6e22e\">possible<\/span>, <span style=\"color:#a6e22e\">but<\/span> <span style=\"color:#a6e22e\">leave<\/span> <span style=\"color:#a6e22e\">them<\/span> <span style=\"color:#a6e22e\">commented<\/span>.  <span style=\"color:#a6e22e\">Uncommented<\/span> <span style=\"color:#a6e22e\">options<\/span> <span style=\"color:#a6e22e\">override<\/span> <span style=\"color:#a6e22e\">the<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span> <span style=\"color:#66d9ef\">default<\/span> <span style=\"color:#a6e22e\">value<\/span>.\n\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span> <span style=\"color:#a6e22e\">If<\/span> <span style=\"color:#a6e22e\">you<\/span> <span style=\"color:#a6e22e\">want<\/span> <span style=\"color:#a6e22e\">to<\/span> <span style=\"color:#a6e22e\">change<\/span> <span style=\"color:#a6e22e\">the<\/span> <span style=\"color:#a6e22e\">port<\/span> <span style=\"color:#a6e22e\">on<\/span> <span style=\"color:#a6e22e\">a<\/span> <span style=\"color:#a6e22e\">SELinux<\/span> <span style=\"color:#a6e22e\">system<\/span>, <span style=\"color:#a6e22e\">you<\/span> <span style=\"color:#a6e22e\">have<\/span> <span style=\"color:#a6e22e\">to<\/span> <span style=\"color:#a6e22e\">tell<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span> <span style=\"color:#a6e22e\">SELinux<\/span> <span style=\"color:#a6e22e\">about<\/span> <span style=\"color:#a6e22e\">this<\/span> <span style=\"color:#a6e22e\">change<\/span>.\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span> <span style=\"color:#a6e22e\">semanage<\/span> <span style=\"color:#a6e22e\">port<\/span> <span style=\"color:#f92672\">-<\/span><span style=\"color:#a6e22e\">a<\/span> <span style=\"color:#f92672\">-<\/span><span style=\"color:#a6e22e\">t<\/span> <span style=\"color:#a6e22e\">ssh_port_t<\/span> <span style=\"color:#f92672\">-<\/span><span style=\"color:#a6e22e\">p<\/span> <span style=\"color:#a6e22e\">tcp<\/span> <span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">PORTNUMBER<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span>\n<span style=\"color:#a6e22e\">Port<\/span> <span style=\"color:#ae81ff\">456<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">AddressFamily<\/span> <span style=\"color:#a6e22e\">any<\/span>\n<span style=\"color:#a6e22e\">ListenAddress<\/span> <span style=\"color:#ae81ff\">192.168.69.187<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">ListenAddress<\/span> ::\n\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span> <span style=\"color:#a6e22e\">The<\/span> <span style=\"color:#66d9ef\">default<\/span> <span style=\"color:#a6e22e\">requires<\/span> <span style=\"color:#a6e22e\">explicit<\/span> <span style=\"color:#a6e22e\">activation<\/span> <span style=\"color:#a6e22e\">of<\/span> <span style=\"color:#a6e22e\">protocol<\/span> <span style=\"color:#ae81ff\">1<\/span>\n<span style=\"color:#a6e22e\">Protocol<\/span> <span style=\"color:#ae81ff\">2<\/span>\n\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span> <span style=\"color:#a6e22e\">HostKey<\/span> <span style=\"color:#66d9ef\">for<\/span> <span style=\"color:#a6e22e\">protocol<\/span> <span style=\"color:#a6e22e\">version<\/span> <span style=\"color:#ae81ff\">1<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">HostKey<\/span> <span style=\"color:#f92672\">\/<\/span><span style=\"color:#a6e22e\">etc<\/span><span style=\"color:#f92672\">\/<\/span><span style=\"color:#a6e22e\">ssh<\/span><span style=\"color:#f92672\">\/<\/span><span style=\"color:#a6e22e\">ssh_host_key<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span> <span style=\"color:#a6e22e\">HostKeys<\/span> <span style=\"color:#66d9ef\">for<\/span> <span style=\"color:#a6e22e\">protocol<\/span> <span style=\"color:#a6e22e\">version<\/span> <span style=\"color:#ae81ff\">2<\/span>\n<span style=\"color:#a6e22e\">HostKey<\/span> <span style=\"color:#f92672\">\/<\/span><span style=\"color:#a6e22e\">etc<\/span><span style=\"color:#f92672\">\/<\/span><span style=\"color:#a6e22e\">ssh<\/span><span style=\"color:#f92672\">\/<\/span><span style=\"color:#a6e22e\">ssh_host_rsa_key<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">HostKey<\/span> <span style=\"color:#f92672\">\/<\/span><span style=\"color:#a6e22e\">etc<\/span><span style=\"color:#f92672\">\/<\/span><span style=\"color:#a6e22e\">ssh<\/span><span style=\"color:#f92672\">\/<\/span><span style=\"color:#a6e22e\">ssh_host_dsa_key<\/span>\n<span style=\"color:#a6e22e\">HostKey<\/span> <span style=\"color:#f92672\">\/<\/span><span style=\"color:#a6e22e\">etc<\/span><span style=\"color:#f92672\">\/<\/span><span style=\"color:#a6e22e\">ssh<\/span><span style=\"color:#f92672\">\/<\/span><span style=\"color:#a6e22e\">ssh_host_ecdsa_key<\/span>\n<span style=\"color:#a6e22e\">HostKey<\/span> <span style=\"color:#f92672\">\/<\/span><span style=\"color:#a6e22e\">etc<\/span><span style=\"color:#f92672\">\/<\/span><span style=\"color:#a6e22e\">ssh<\/span><span style=\"color:#f92672\">\/<\/span><span style=\"color:#a6e22e\">ssh_host_ed25519_key<\/span>\n\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span> <span style=\"color:#a6e22e\">Lifetime<\/span> <span style=\"color:#a6e22e\">and<\/span> <span style=\"color:#a6e22e\">size<\/span> <span style=\"color:#a6e22e\">of<\/span> <span style=\"color:#a6e22e\">ephemeral<\/span> <span style=\"color:#a6e22e\">version<\/span> <span style=\"color:#ae81ff\">1<\/span> <span style=\"color:#a6e22e\">server<\/span> <span style=\"color:#a6e22e\">key<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">KeyRegenerationInterval<\/span> <span style=\"color:#ae81ff\">1<\/span><span style=\"color:#a6e22e\">h<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">ServerKeyBits<\/span> <span style=\"color:#ae81ff\">1024<\/span>\n\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span> <span style=\"color:#a6e22e\">Ciphers<\/span> <span style=\"color:#a6e22e\">and<\/span> <span style=\"color:#a6e22e\">keying<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">RekeyLimit<\/span> <span style=\"color:#66d9ef\">default<\/span> <span style=\"color:#a6e22e\">none<\/span>\n\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span> <span style=\"color:#a6e22e\">Logging<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span> <span style=\"color:#a6e22e\">obsoletes<\/span> <span style=\"color:#a6e22e\">QuietMode<\/span> <span style=\"color:#a6e22e\">and<\/span> <span style=\"color:#a6e22e\">FascistLogging<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">SyslogFacility<\/span> <span style=\"color:#a6e22e\">AUTH<\/span>\n<span style=\"color:#a6e22e\">SyslogFacility<\/span> <span style=\"color:#a6e22e\">AUTHPRIV<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">LogLevel<\/span> <span style=\"color:#a6e22e\">INFO<\/span>\n\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span> <span style=\"color:#a6e22e\">Authentication<\/span>:\n\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">LoginGraceTime<\/span> <span style=\"color:#ae81ff\">2<\/span><span style=\"color:#a6e22e\">m<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">PermitRootLogin<\/span> <span style=\"color:#a6e22e\">yes<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">StrictModes<\/span> <span style=\"color:#a6e22e\">yes<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">MaxAuthTries<\/span> <span style=\"color:#ae81ff\">6<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">MaxSessions<\/span> <span style=\"color:#ae81ff\">10<\/span>\n\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">RSAAuthentication<\/span> <span style=\"color:#a6e22e\">yes<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">PubkeyAuthentication<\/span> <span style=\"color:#a6e22e\">yes<\/span>\n\n\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span> <span style=\"color:#a6e22e\">The<\/span> <span style=\"color:#66d9ef\">default<\/span> <span style=\"color:#a6e22e\">is<\/span> <span style=\"color:#a6e22e\">to<\/span> <span style=\"color:#a6e22e\">check<\/span> <span style=\"color:#a6e22e\">both<\/span> .<span style=\"color:#a6e22e\">ssh<\/span><span style=\"color:#f92672\">\/<\/span><span style=\"color:#a6e22e\">authorized_keys<\/span> <span style=\"color:#a6e22e\">and<\/span> .<span style=\"color:#a6e22e\">ssh<\/span><span style=\"color:#f92672\">\/<\/span><span style=\"color:#a6e22e\">authorized_keys2<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span> <span style=\"color:#a6e22e\">but<\/span> <span style=\"color:#a6e22e\">this<\/span> <span style=\"color:#a6e22e\">is<\/span> <span style=\"color:#a6e22e\">overridden<\/span> <span style=\"color:#a6e22e\">so<\/span> <span style=\"color:#a6e22e\">installations<\/span> <span style=\"color:#a6e22e\">will<\/span> <span style=\"color:#a6e22e\">only<\/span> <span style=\"color:#a6e22e\">check<\/span> .<span style=\"color:#a6e22e\">ssh<\/span><span style=\"color:#f92672\">\/<\/span><span style=\"color:#a6e22e\">authorized_keys<\/span>\n<span style=\"color:#a6e22e\">AuthorizedKeysFile<\/span>  .<span style=\"color:#a6e22e\">ssh<\/span><span style=\"color:#f92672\">\/<\/span><span style=\"color:#a6e22e\">authorized_keys<\/span>\n\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">AuthorizedPrincipalsFile<\/span> <span style=\"color:#a6e22e\">none<\/span>\n\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">AuthorizedKeysCommand<\/span> <span style=\"color:#a6e22e\">none<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">AuthorizedKeysCommandUser<\/span> <span style=\"color:#a6e22e\">nobody<\/span>\n\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span> <span style=\"color:#a6e22e\">For<\/span> <span style=\"color:#a6e22e\">this<\/span> <span style=\"color:#a6e22e\">to<\/span> <span style=\"color:#a6e22e\">work<\/span> <span style=\"color:#a6e22e\">you<\/span> <span style=\"color:#a6e22e\">will<\/span> <span style=\"color:#a6e22e\">also<\/span> <span style=\"color:#a6e22e\">need<\/span> <span style=\"color:#a6e22e\">host<\/span> <span style=\"color:#a6e22e\">keys<\/span> <span style=\"color:#a6e22e\">in<\/span> <span style=\"color:#f92672\">\/<\/span><span style=\"color:#a6e22e\">etc<\/span><span style=\"color:#f92672\">\/<\/span><span style=\"color:#a6e22e\">ssh<\/span><span style=\"color:#f92672\">\/<\/span><span style=\"color:#a6e22e\">ssh_known_hosts<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">RhostsRSAAuthentication<\/span> <span style=\"color:#a6e22e\">no<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span> <span style=\"color:#a6e22e\">similar<\/span> <span style=\"color:#66d9ef\">for<\/span> <span style=\"color:#a6e22e\">protocol<\/span> <span style=\"color:#a6e22e\">version<\/span> <span style=\"color:#ae81ff\">2<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">HostbasedAuthentication<\/span> <span style=\"color:#a6e22e\">no<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span> <span style=\"color:#a6e22e\">Change<\/span> <span style=\"color:#a6e22e\">to<\/span> <span style=\"color:#a6e22e\">yes<\/span> <span style=\"color:#66d9ef\">if<\/span> <span style=\"color:#a6e22e\">you<\/span> <span style=\"color:#a6e22e\">don<\/span><span style=\"color:#960050;background-color:#1e0010\">'<\/span><span style=\"color:#a6e22e\">t<\/span> <span style=\"color:#a6e22e\">trust<\/span> <span style=\"color:#960050;background-color:#1e0010\">~<\/span><span style=\"color:#f92672\">\/<\/span>.<span style=\"color:#a6e22e\">ssh<\/span><span style=\"color:#f92672\">\/<\/span><span style=\"color:#a6e22e\">known_hosts<\/span> <span style=\"color:#66d9ef\">for<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span> <span style=\"color:#a6e22e\">RhostsRSAAuthentication<\/span> <span style=\"color:#a6e22e\">and<\/span> <span style=\"color:#a6e22e\">HostbasedAuthentication<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">IgnoreUserKnownHosts<\/span> <span style=\"color:#a6e22e\">no<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span> <span style=\"color:#a6e22e\">Don<\/span><span style=\"color:#960050;background-color:#1e0010\">'<\/span><span style=\"color:#a6e22e\">t<\/span> <span style=\"color:#a6e22e\">read<\/span> <span style=\"color:#a6e22e\">the<\/span> <span style=\"color:#a6e22e\">user<\/span><span style=\"color:#960050;background-color:#1e0010\">'<\/span><span style=\"color:#a6e22e\">s<\/span> <span style=\"color:#960050;background-color:#1e0010\">~<\/span><span style=\"color:#f92672\">\/<\/span>.<span style=\"color:#a6e22e\">rhosts<\/span> <span style=\"color:#a6e22e\">and<\/span> <span style=\"color:#960050;background-color:#1e0010\">~<\/span><span style=\"color:#f92672\">\/<\/span>.<span style=\"color:#a6e22e\">shosts<\/span> <span style=\"color:#a6e22e\">files<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">IgnoreRhosts<\/span> <span style=\"color:#a6e22e\">yes<\/span>\n\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span> <span style=\"color:#a6e22e\">To<\/span> <span style=\"color:#a6e22e\">disable<\/span> <span style=\"color:#a6e22e\">tunneled<\/span> <span style=\"color:#a6e22e\">clear<\/span> <span style=\"color:#a6e22e\">text<\/span> <span style=\"color:#a6e22e\">passwords<\/span>, <span style=\"color:#a6e22e\">change<\/span> <span style=\"color:#a6e22e\">to<\/span> <span style=\"color:#a6e22e\">no<\/span> <span style=\"color:#a6e22e\">here<\/span>!\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">PasswordAuthentication<\/span> <span style=\"color:#a6e22e\">yes<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">PermitEmptyPasswords<\/span> <span style=\"color:#a6e22e\">no<\/span>\n<span style=\"color:#a6e22e\">PasswordAuthentication<\/span> <span style=\"color:#a6e22e\">yes<\/span>\n\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span> <span style=\"color:#a6e22e\">Change<\/span> <span style=\"color:#a6e22e\">to<\/span> <span style=\"color:#a6e22e\">no<\/span> <span style=\"color:#a6e22e\">to<\/span> <span style=\"color:#a6e22e\">disable<\/span> <span style=\"color:#a6e22e\">s<\/span><span style=\"color:#f92672\">\/<\/span><span style=\"color:#a6e22e\">key<\/span> <span style=\"color:#a6e22e\">passwords<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">ChallengeResponseAuthentication<\/span> <span style=\"color:#a6e22e\">yes<\/span>\n<span style=\"color:#a6e22e\">ChallengeResponseAuthentication<\/span> <span style=\"color:#a6e22e\">no<\/span>\n\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span> <span style=\"color:#a6e22e\">Kerberos<\/span> <span style=\"color:#a6e22e\">options<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">KerberosAuthentication<\/span> <span style=\"color:#a6e22e\">no<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">KerberosOrLocalPasswd<\/span> <span style=\"color:#a6e22e\">yes<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">KerberosTicketCleanup<\/span> <span style=\"color:#a6e22e\">yes<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">KerberosGetAFSToken<\/span> <span style=\"color:#a6e22e\">no<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">KerberosUseKuserok<\/span> <span style=\"color:#a6e22e\">yes<\/span>\n\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span> <span style=\"color:#a6e22e\">GSSAPI<\/span> <span style=\"color:#a6e22e\">options<\/span>\n<span style=\"color:#a6e22e\">GSSAPIAuthentication<\/span> <span style=\"color:#a6e22e\">yes<\/span>\n<span style=\"color:#a6e22e\">GSSAPICleanupCredentials<\/span> <span style=\"color:#a6e22e\">no<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">GSSAPIStrictAcceptorCheck<\/span> <span style=\"color:#a6e22e\">yes<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">GSSAPIKeyExchange<\/span> <span style=\"color:#a6e22e\">no<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">GSSAPIEnablek5users<\/span> <span style=\"color:#a6e22e\">no<\/span>\n\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span> <span style=\"color:#a6e22e\">Set<\/span> <span style=\"color:#a6e22e\">this<\/span> <span style=\"color:#a6e22e\">to<\/span> <span style=\"color:#960050;background-color:#1e0010\">'<\/span><span style=\"color:#a6e22e\">yes<\/span><span style=\"color:#960050;background-color:#1e0010\">'<\/span> <span style=\"color:#a6e22e\">to<\/span> <span style=\"color:#a6e22e\">enable<\/span> <span style=\"color:#a6e22e\">PAM<\/span> <span style=\"color:#a6e22e\">authentication<\/span>, <span style=\"color:#a6e22e\">account<\/span> <span style=\"color:#a6e22e\">processing<\/span>,\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span> <span style=\"color:#a6e22e\">and<\/span> <span style=\"color:#a6e22e\">session<\/span> <span style=\"color:#a6e22e\">processing<\/span>. <span style=\"color:#a6e22e\">If<\/span> <span style=\"color:#a6e22e\">this<\/span> <span style=\"color:#a6e22e\">is<\/span> <span style=\"color:#a6e22e\">enabled<\/span>, <span style=\"color:#a6e22e\">PAM<\/span> <span style=\"color:#a6e22e\">authentication<\/span> <span style=\"color:#a6e22e\">will<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span> <span style=\"color:#a6e22e\">be<\/span> <span style=\"color:#a6e22e\">allowed<\/span> <span style=\"color:#a6e22e\">through<\/span> <span style=\"color:#a6e22e\">the<\/span> <span style=\"color:#a6e22e\">ChallengeResponseAuthentication<\/span> <span style=\"color:#a6e22e\">and<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span> <span style=\"color:#a6e22e\">PasswordAuthentication<\/span>.  <span style=\"color:#a6e22e\">Depending<\/span> <span style=\"color:#a6e22e\">on<\/span> <span style=\"color:#a6e22e\">your<\/span> <span style=\"color:#a6e22e\">PAM<\/span> <span style=\"color:#a6e22e\">configuration<\/span>,\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span> <span style=\"color:#a6e22e\">PAM<\/span> <span style=\"color:#a6e22e\">authentication<\/span> <span style=\"color:#a6e22e\">via<\/span> <span style=\"color:#a6e22e\">ChallengeResponseAuthentication<\/span> <span style=\"color:#a6e22e\">may<\/span> <span style=\"color:#a6e22e\">bypass<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span> <span style=\"color:#a6e22e\">the<\/span> <span style=\"color:#a6e22e\">setting<\/span> <span style=\"color:#a6e22e\">of<\/span> <span style=\"color:#e6db74\">\"PermitRootLogin without-password\"<\/span>.\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span> <span style=\"color:#a6e22e\">If<\/span> <span style=\"color:#a6e22e\">you<\/span> <span style=\"color:#a6e22e\">just<\/span> <span style=\"color:#a6e22e\">want<\/span> <span style=\"color:#a6e22e\">the<\/span> <span style=\"color:#a6e22e\">PAM<\/span> <span style=\"color:#a6e22e\">account<\/span> <span style=\"color:#a6e22e\">and<\/span> <span style=\"color:#a6e22e\">session<\/span> <span style=\"color:#a6e22e\">checks<\/span> <span style=\"color:#a6e22e\">to<\/span> <span style=\"color:#a6e22e\">run<\/span> <span style=\"color:#a6e22e\">without<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span> <span style=\"color:#a6e22e\">PAM<\/span> <span style=\"color:#a6e22e\">authentication<\/span>, <span style=\"color:#a6e22e\">then<\/span> <span style=\"color:#a6e22e\">enable<\/span> <span style=\"color:#a6e22e\">this<\/span> <span style=\"color:#a6e22e\">but<\/span> <span style=\"color:#a6e22e\">set<\/span> <span style=\"color:#a6e22e\">PasswordAuthentication<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span> <span style=\"color:#a6e22e\">and<\/span> <span style=\"color:#a6e22e\">ChallengeResponseAuthentication<\/span> <span style=\"color:#a6e22e\">to<\/span> <span style=\"color:#960050;background-color:#1e0010\">'<\/span><span style=\"color:#a6e22e\">no<\/span><span style=\"color:#960050;background-color:#1e0010\">'<\/span>.\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span> <span style=\"color:#a6e22e\">WARNING<\/span>: <span style=\"color:#960050;background-color:#1e0010\">'<\/span><span style=\"color:#a6e22e\">UsePAM<\/span> <span style=\"color:#a6e22e\">no<\/span><span style=\"color:#960050;background-color:#1e0010\">'<\/span> <span style=\"color:#a6e22e\">is<\/span> <span style=\"color:#a6e22e\">not<\/span> <span style=\"color:#a6e22e\">supported<\/span> <span style=\"color:#a6e22e\">in<\/span> <span style=\"color:#a6e22e\">Red<\/span> <span style=\"color:#a6e22e\">Hat<\/span> <span style=\"color:#a6e22e\">Enterprise<\/span> <span style=\"color:#a6e22e\">Linux<\/span> <span style=\"color:#a6e22e\">and<\/span> <span style=\"color:#a6e22e\">may<\/span> <span style=\"color:#a6e22e\">cause<\/span> <span style=\"color:#a6e22e\">several<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span> <span style=\"color:#a6e22e\">problems<\/span>.\n<span style=\"color:#a6e22e\">UsePAM<\/span> <span style=\"color:#a6e22e\">yes<\/span>\n\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">AllowAgentForwarding<\/span> <span style=\"color:#a6e22e\">yes<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">AllowTcpForwarding<\/span> <span style=\"color:#a6e22e\">yes<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">GatewayPorts<\/span> <span style=\"color:#a6e22e\">no<\/span>\n<span style=\"color:#a6e22e\">X11Forwarding<\/span> <span style=\"color:#a6e22e\">yes<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">X11DisplayOffset<\/span> <span style=\"color:#ae81ff\">10<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">X11UseLocalhost<\/span> <span style=\"color:#a6e22e\">yes<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">PermitTTY<\/span> <span style=\"color:#a6e22e\">yes<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">PrintMotd<\/span> <span style=\"color:#a6e22e\">yes<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">PrintLastLog<\/span> <span style=\"color:#a6e22e\">yes<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">TCPKeepAlive<\/span> <span style=\"color:#a6e22e\">yes<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">UseLogin<\/span> <span style=\"color:#a6e22e\">no<\/span>\n<span style=\"color:#a6e22e\">UsePrivilegeSeparation<\/span> <span style=\"color:#a6e22e\">sandbox<\/span>      <span style=\"color:#960050;background-color:#1e0010\">#<\/span> <span style=\"color:#a6e22e\">Default<\/span> <span style=\"color:#66d9ef\">for<\/span> <span style=\"color:#a6e22e\">new<\/span> <span style=\"color:#a6e22e\">installations<\/span>.\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">PermitUserEnvironment<\/span> <span style=\"color:#a6e22e\">no<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">Compression<\/span> <span style=\"color:#a6e22e\">delayed<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">ClientAliveInterval<\/span> <span style=\"color:#ae81ff\">0<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">ClientAliveCountMax<\/span> <span style=\"color:#ae81ff\">3<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">ShowPatchLevel<\/span> <span style=\"color:#a6e22e\">no<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">UseDNS<\/span> <span style=\"color:#a6e22e\">yes<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">PidFile<\/span> <span style=\"color:#f92672\">\/<\/span><span style=\"color:#66d9ef\">var<\/span><span style=\"color:#f92672\">\/<\/span><span style=\"color:#a6e22e\">run<\/span><span style=\"color:#f92672\">\/<\/span><span style=\"color:#a6e22e\">sshd<\/span>.<span style=\"color:#a6e22e\">pid<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">MaxStartups<\/span> <span style=\"color:#ae81ff\">10<\/span>:<span style=\"color:#ae81ff\">30<\/span>:<span style=\"color:#ae81ff\">100<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">PermitTunnel<\/span> <span style=\"color:#a6e22e\">no<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">ChrootDirectory<\/span> <span style=\"color:#a6e22e\">none<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">VersionAddendum<\/span> <span style=\"color:#a6e22e\">none<\/span>\n\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span> <span style=\"color:#a6e22e\">no<\/span> <span style=\"color:#66d9ef\">default<\/span> <span style=\"color:#a6e22e\">banner<\/span> <span style=\"color:#a6e22e\">path<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">Banner<\/span> <span style=\"color:#a6e22e\">none<\/span>\n\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span> <span style=\"color:#a6e22e\">Accept<\/span> <span style=\"color:#a6e22e\">locale<\/span><span style=\"color:#f92672\">-<\/span><span style=\"color:#a6e22e\">related<\/span> <span style=\"color:#a6e22e\">environment<\/span> <span style=\"color:#a6e22e\">variables<\/span>\n<span style=\"color:#a6e22e\">AcceptEnv<\/span> <span style=\"color:#a6e22e\">LANG<\/span> <span style=\"color:#a6e22e\">LC_CTYPE<\/span> <span style=\"color:#a6e22e\">LC_NUMERIC<\/span> <span style=\"color:#a6e22e\">LC_TIME<\/span> <span style=\"color:#a6e22e\">LC_COLLATE<\/span> <span style=\"color:#a6e22e\">LC_MONETARY<\/span> <span style=\"color:#a6e22e\">LC_MESSAGES<\/span>\n<span style=\"color:#a6e22e\">AcceptEnv<\/span> <span style=\"color:#a6e22e\">LC_PAPER<\/span> <span style=\"color:#a6e22e\">LC_NAME<\/span> <span style=\"color:#a6e22e\">LC_ADDRESS<\/span> <span style=\"color:#a6e22e\">LC_TELEPHONE<\/span> <span style=\"color:#a6e22e\">LC_MEASUREMENT<\/span>\n<span style=\"color:#a6e22e\">AcceptEnv<\/span> <span style=\"color:#a6e22e\">LC_IDENTIFICATION<\/span> <span style=\"color:#a6e22e\">LC_ALL<\/span> <span style=\"color:#a6e22e\">LANGUAGE<\/span>\n<span style=\"color:#a6e22e\">AcceptEnv<\/span> <span style=\"color:#a6e22e\">XMODIFIERS<\/span>\n\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span> <span style=\"color:#a6e22e\">override<\/span> <span style=\"color:#66d9ef\">default<\/span> <span style=\"color:#a6e22e\">of<\/span> <span style=\"color:#a6e22e\">no<\/span> <span style=\"color:#a6e22e\">subsystems<\/span>\n<span style=\"color:#a6e22e\">Subsystem<\/span>   <span style=\"color:#a6e22e\">sftp<\/span>    <span style=\"color:#f92672\">\/<\/span><span style=\"color:#a6e22e\">usr<\/span><span style=\"color:#f92672\">\/<\/span><span style=\"color:#a6e22e\">libexec<\/span><span style=\"color:#f92672\">\/<\/span><span style=\"color:#a6e22e\">openssh<\/span><span style=\"color:#f92672\">\/<\/span><span style=\"color:#a6e22e\">sftp<\/span><span style=\"color:#f92672\">-<\/span><span style=\"color:#a6e22e\">server<\/span>\n\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span> <span style=\"color:#a6e22e\">Example<\/span> <span style=\"color:#a6e22e\">of<\/span> <span style=\"color:#a6e22e\">overriding<\/span> <span style=\"color:#a6e22e\">settings<\/span> <span style=\"color:#a6e22e\">on<\/span> <span style=\"color:#a6e22e\">a<\/span> <span style=\"color:#a6e22e\">per<\/span><span style=\"color:#f92672\">-<\/span><span style=\"color:#a6e22e\">user<\/span> <span style=\"color:#a6e22e\">basis<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span><span style=\"color:#a6e22e\">Match<\/span> <span style=\"color:#a6e22e\">User<\/span> <span style=\"color:#a6e22e\">anoncvs<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span>   <span style=\"color:#a6e22e\">X11Forwarding<\/span> <span style=\"color:#a6e22e\">no<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span>   <span style=\"color:#a6e22e\">AllowTcpForwarding<\/span> <span style=\"color:#a6e22e\">no<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span>   <span style=\"color:#a6e22e\">PermitTTY<\/span> <span style=\"color:#a6e22e\">no<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">#<\/span>   <span style=\"color:#a6e22e\">ForceCommand<\/span> <span style=\"color:#a6e22e\">cvs<\/span> <span style=\"color:#a6e22e\">server<\/span><\/code><\/pre>\n<\/td>\n<\/tr>\n<\/table>\n<\/div>\n<\/div><\/div>\n<\/p><\/div>\n<\/div><\/div>\n","protected":false},"excerpt":{"rendered":"<p>Overview This document lists several helpful changes that you can make to your server to improve SSH security. We strongly recommend that you restrict and properly configure Secure Shell (SSH) access in order to secure your server. Be careful who you grant SSH access to If a user does not need SSH access, do not &hellip;<\/p>\n","protected":false},"author":1,"featured_media":355,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[1],"tags":[],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/posts\/354"}],"collection":[{"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/comments?post=354"}],"version-history":[{"count":0,"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/posts\/354\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/media\/355"}],"wp:attachment":[{"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/media?parent=354"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/categories?post=354"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/tags?post=354"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}