SSHD_CONFIG(4)           File Formats and Configurations          SSHD_CONFIG(4)

NAME
     sshd_config - sshd configuration file

SYNOPSIS
     /etc/ssh/sshd_config

DESCRIPTION
     The sshd(1M) daemon reads configuration data from /etc/ssh/sshd_config
     (or the file specified with sshd -f on the command line). The file
     contains keyword-value pairs, one per line. A line starting with a hash
     mark (#) and empty lines are interpreted as comments.

     The sshd_config file supports the following keywords. Unless otherwise
     noted, keywords and their arguments are case-insensitive.

     AllowGroups

         This keyword can be followed by a number of group names, separated
         by spaces. If specified, login is allowed only for users whose
         primary group or supplementary group list matches one of the
         patterns. Asterisk (*) and question mark (?) can be used as
         wildcards in the patterns. Only group names are valid; a numerical
         group ID is not recognized. By default, login is allowed regardless
         of the primary group.

     AllowTcpForwarding

         Specifies whether TCP forwarding is permitted. The default is yes.
         Disabling TCP forwarding does not improve security unless users are
         also denied shell access, as they can always install their own
         forwarders.

     AllowUsers

         This keyword can be followed by a number of user names, separated
         by spaces. If specified, login is allowed only for user names that
         match one of the patterns. Asterisk (*) and question mark (?) can
         be used as wildcards in the patterns. Only user names are valid; a
         numerical user ID is not recognized. By default, login is allowed
         regardless of the user name.

         If a specified pattern takes the form user@host then user and host
         are checked separately, restricting logins to particular users from
         particular hosts.

     AuthorizedKeysFile

         Specifies the file that contains the public keys that can be used
         for user authentication.
         AuthorizedKeysFile can contain tokens of the form %T, which are
         substituted during connection set-up. The following tokens are
         defined: %% is replaced by a literal %, %h is replaced by the home
         directory of the user being authenticated and %u is replaced by
         the username of that user. After expansion, AuthorizedKeysFile is
         taken to be an absolute path or one relative to the user's home
         directory. The default is .ssh/authorized_keys.

     Banner

         In some jurisdictions, sending a warning message before
         authentication can be relevant for getting legal protection. The
         contents of the specified file are sent to the remote user before
         authentication is allowed. This option is only available for
         protocol version 2. By default, no banner is displayed.

     ChrootDirectory

         Specifies a path to chroot(2) to after authentication. This path,
         and all its components, must be root-owned directories that are not
         writable by any other user or group.

         The server always tries to change to the user's home directory
         locally under the chrooted environment but a failure to do so is
         not considered an error. In addition, the path might contain the
         following tokens that are expanded at runtime once the connecting
         user has been authenticated: %% is replaced by a literal %, %h is
         replaced by the home directory of the user being authenticated, and
         %u is replaced by the username of that user.

         The ChrootDirectory must contain the necessary files and
         directories to support the user's session. For an interactive SSH
         session this requires at least a user's shell, shared libraries
         needed by the shell, dynamic linker, and possibly basic /dev nodes
         such as null, zero, stdin, stdout, stderr, random, and tty.
         Additionally, terminal databases are needed for screen-oriented
         applications.
         For file transfer sessions using sftp with the SSH protocol
         version 2, no additional configuration of the environment is
         necessary if the in-process sftp server is used. See Subsystem
         for details.

         The default is not to chroot(2).

     Ciphers

         Specifies the ciphers allowed for protocol version 2. Cipher
         ordering on the server side is not relevant; the client's
         preference order decides which of the permitted ciphers is
         negotiated. Multiple ciphers must be comma-separated.

         Valid ciphers are: aes128-ctr, aes192-ctr, aes256-ctr, aes128-cbc,
         aes192-cbc, aes256-cbc, arcfour, arcfour128, arcfour256, 3des-cbc,
         and blowfish-cbc.

         The default cipher list is:

             aes128-ctr,aes192-ctr,aes256-ctr,arcfour128,
             arcfour256,arcfour

         Using CBC modes on the server side is not recommended due to
         potential security issues in connection with the SSH protocol
         version 2. The arcfour ciphers (RC4) are also weak and remain in
         the default list only for compatibility; restricting the list to
         the aes*-ctr ciphers removes both.

     ClientAliveCountMax

         Sets the number of client alive messages (see
         ClientAliveInterval) that can be sent without sshd receiving any
         messages back from the client. If this threshold is reached while
         client alive messages are being sent, sshd disconnects the client,
         terminating the session. The use of client alive messages is very
         different from TCPKeepAlive. The client alive messages are sent
         through the encrypted channel and therefore are not spoofable. The
         TCP keepalive option enabled by TCPKeepAlive is spoofable. The
         client alive mechanism is valuable when a client or server depends
         on knowing when a connection has become inactive.

         The default value is 3. If ClientAliveInterval is set to 15, and
         ClientAliveCountMax is left at the default, unresponsive ssh
         clients are disconnected after approximately 45 seconds.

     ClientAliveInterval

         Sets a timeout interval in seconds after which, if no data has been
         received from the client, sshd sends a message through the
         encrypted channel to request a response from the client.
         The default is 0, indicating that these messages are not sent to
         the client. This option applies only to protocol version 2.

     Compression

         Controls whether the server allows the client to negotiate the use
         of compression. The default is yes.

     DenyGroups

         Can be followed by a number of group names, separated by spaces.
         Users whose primary group or supplementary group list matches one
         of the patterns are not allowed to log in. Asterisk (*) and
         question mark (?) can be used as wildcards in the patterns. Only
         group names are valid; a numerical group ID is not recognized. By
         default, login is allowed regardless of the primary group.

     DenyUsers

         Can be followed by a number of user names, separated by spaces.
         Login is disallowed for user names that match one of the patterns.
         Asterisk (*) and question mark (?) can be used as wildcards in the
         patterns. Only user names are valid; a numerical user ID is not
         recognized. By default, login is allowed regardless of the user
         name.

         If a specified pattern takes the form user@host then user and host
         are checked separately, disallowing logins to particular users from
         particular hosts.

     GatewayPorts

         Specifies whether remote hosts are allowed to connect to ports
         forwarded for the client. By default, sshd binds remote port
         forwardings to the loopback address. This prevents other remote
         hosts from connecting to forwarded ports. GatewayPorts can be used
         to specify that sshd should bind remote port forwardings to the
         wildcard address, thus allowing remote hosts to connect to
         forwarded ports.

         The argument can be no to force remote port forwardings to be
         available to the local host only, yes to force remote port
         forwardings to bind to the wildcard address, or clientspecified to
         allow the client to select the address to which the forwarding is
         bound. The default is no.
         See also RemoteForward in ssh_config(4).

     GSSAPIAuthentication

         Enables/disables GSS-API user authentication. The default is yes.

         Currently sshd authorizes client user principals to user accounts
         as follows: if the principal name matches the requested user
         account, then the principal is authorized. Otherwise, GSS-API
         authentication fails.

     GSSAPIKeyExchange

         Enables/disables GSS-API-authenticated key exchanges. The default
         is yes.

         This option also enables the use of the GSS-API to authenticate the
         user to the server after the key exchange. GSS-API key exchange can
         succeed but the subsequent authentication using the GSS-API fail if
         the server does not authorize the user's GSS principal name to the
         target user account.

         Currently sshd authorizes client user principals to user accounts
         as follows: if the principal name matches the requested user
         account, then the principal is authorized. Otherwise, GSS-API
         authentication fails.

     GSSAPIStoreDelegatedCredentials

         Enables/disables the use of delegated GSS-API credentials on the
         server side. The default is yes.

         Specifically, this option, when enabled, causes the server to store
         delegated GSS-API credentials in the user's default GSS-API
         credential store (which for the Kerberos V mechanism means
         /tmp/krb5cc_<uid>).

         Note -

             sshd does not take any steps to explicitly destroy stored
             delegated GSS-API credentials upon logout. It is the
             responsibility of PAM modules to destroy credentials associated
             with a session.

     HostbasedAuthentication

         Specifies whether to try rhosts-based authentication with public
         key authentication. The argument must be yes or no. The default is
         no. This option applies to protocol version 2 only and is similar
         to RhostsRSAAuthentication. See sshd(1M) for guidelines on setting
         up host-based authentication.
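     The following Python program is an added example and is not part of
     this manual page or of sshd itself. It models two of the per-user rules
     described above: the AllowUsers, DenyUsers, AllowGroups and DenyGroups
     pattern lists (the * and ? wildcards and the user@host form, with names
     only, so a numeric ID is never matched as an ID), and the %%, %h and %u
     token expansion of AuthorizedKeysFile and ChrootDirectory. Assumptions
     not stated on this page: Deny lists are consulted before Allow lists, a
     non-empty Allow list must be matched, and matching is case-sensitive.
     The sample users, hosts and paths are made up.

```python
"""Added example; not part of the sshd_config(4) page or of sshd's own code.

Models the AllowUsers/DenyUsers/AllowGroups/DenyGroups pattern lists and the
%%/%h/%u token expansion of AuthorizedKeysFile and ChrootDirectory.
Assumptions (not stated on the page): Deny lists are consulted before Allow
lists, a non-empty Allow list must be matched, matching is case-sensitive.
"""
import posixpath


def glob_match(pattern, value):
    """'*' matches any run of characters and '?' exactly one; nothing else
    is special, because those are the only wildcards the page defines."""
    if not pattern:
        return not value
    if pattern[0] == "*":
        return any(glob_match(pattern[1:], value[i:])
                   for i in range(len(value) + 1))
    if value and (pattern[0] == "?" or pattern[0] == value[0]):
        return glob_match(pattern[1:], value[1:])
    return False


def user_pattern_matches(pattern, user, client_host):
    """A user@host pattern checks the user and the client host separately."""
    if "@" in pattern:
        user_pat, host_pat = pattern.split("@", 1)
        return glob_match(user_pat, user) and glob_match(host_pat, client_host)
    return glob_match(pattern, user)


def login_allowed(user, groups, client_host, allow_users=(), deny_users=(),
                  allow_groups=(), deny_groups=()):
    """Return (allowed, rule) for `user`, whose primary and supplementary
    groups are `groups`, connecting from `client_host`. Names only: a
    numeric ID such as '1000' is just another string to the patterns."""
    if any(user_pattern_matches(p, user, client_host) for p in deny_users):
        return False, "DenyUsers"
    if allow_users and not any(user_pattern_matches(p, user, client_host)
                               for p in allow_users):
        return False, "AllowUsers"
    if any(glob_match(p, g) for p in deny_groups for g in groups):
        return False, "DenyGroups"
    if allow_groups and not any(glob_match(p, g)
                                for p in allow_groups for g in groups):
        return False, "AllowGroups"
    return True, "allowed"


def expand_tokens(template, user, home):
    """Expand %% -> '%', %h -> home directory, %u -> user name; any other
    token is an error rather than being passed through silently."""
    out, i = [], 0
    while i < len(template):
        if template[i] == "%":
            token = template[i + 1] if i + 1 < len(template) else ""
            if token == "%":
                out.append("%")
            elif token == "h":
                out.append(home)
            elif token == "u":
                out.append(user)
            else:
                raise ValueError("unknown token %%%s in %r" % (token, template))
            i += 2
        else:
            out.append(template[i])
            i += 1
    return "".join(out)


def authorized_keys_path(user, home, setting=".ssh/authorized_keys"):
    """After expansion, a relative AuthorizedKeysFile is taken relative to
    the user's home directory; an absolute one is used as is."""
    expanded = expand_tokens(setting, user, home)
    return expanded if posixpath.isabs(expanded) else posixpath.join(home, expanded)


if __name__ == "__main__":
    # Made-up user, groups and client address.
    print(login_allowed("alice", ["staff"], "10.0.0.5",
                        allow_users=["alice@10.0.0.*", "ops"]))
    print(authorized_keys_path("alice", "/home/alice", "/etc/ssh/keys/%u"))
```

     The user@host form is checked against the address or name sshd has for
     the client, so a rule written with a host name only works when the
     reverse lookup that LookupClientHostnames controls actually produces it.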
     HostbasedUsesNameFromPacketOnly

         Controls which hostname is searched for in the files ~/.shosts,
         /etc/shosts.equiv, and /etc/hosts.equiv. If this parameter is set
         to yes, the server uses the name the client claimed for itself and
         signed with that host's key. If set to no, the default, the server
         uses the name to which the client's IP address resolves.

         Setting this parameter to no disables host-based authentication
         when using NAT or when the client gets to the server indirectly
         through a port-forwarding firewall, because the name resolved from
         the connecting address then differs from the name the client
         signed.

     HostKey

         Specifies the file containing the private host key used by SSH. The
         default is /etc/ssh/ssh_host_key for protocol version 1, and
         /etc/ssh/ssh_host_rsa_key and /etc/ssh/ssh_host_dsa_key for
         protocol version 2. sshd refuses to use a file if it is
         group/world-accessible. It is possible to have multiple host key
         files. rsa1 keys are used for version 1 and dsa or rsa are used
         for version 2 of the SSH protocol.

     IgnoreRhosts

         Specifies that .rhosts and .shosts files are not used in
         authentication. /etc/hosts.equiv and /etc/shosts.equiv are still
         used. The default is yes. This parameter applies to both protocol
         versions 1 and 2.

     IgnoreUserKnownHosts

         Specifies whether sshd should ignore the user's
         $HOME/.ssh/known_hosts during RhostsRSAAuthentication and
         HostbasedAuthentication, so that only the system-wide known hosts
         files vouch for client host keys. The default is no. This
         parameter applies to both protocol versions 1 and 2.

     KbdInteractiveAuthentication

         Specifies whether authentication by means of the "keyboard-
         interactive" authentication method (and PAM) is allowed. Defaults
         to yes. (Deprecated: this parameter can only be set to yes.)

     TCPKeepAlive

         Specifies whether the system should send keepalive messages to the
         other side. If they are sent, death of the connection or crash of
         one of the machines is properly noticed.
         However, this means that connections die if the route is down
         temporarily, which can be an annoyance. On the other hand, if
         keepalives are not sent, sessions can hang indefinitely on the
         server, leaving ghost users and consuming server resources.

         The default is yes (to send keepalives), and the server notices if
         the network goes down or the client host reboots. This avoids
         infinitely hanging sessions.

         To disable keepalives, the value should be set to no in both the
         server and the client configuration files.

     KeyRegenerationInterval

         In protocol version 1, the ephemeral server key is automatically
         regenerated after this many seconds (if it has been used). The
         purpose of regeneration is to prevent decrypting captured sessions
         by later breaking into the machine and stealing the keys. The key
         is never stored anywhere. If the value is 0, the key is never
         regenerated. The default is 3600 (seconds).

     ListenAddress

         Specifies what local address sshd should listen on. The following
         forms can be used:

             ListenAddress host|IPv4_addr|IPv6_addr
             ListenAddress host|IPv4_addr:port
             ListenAddress [host|IPv6_addr]:port

         If port is not specified, sshd listens on the address and all prior
         Port options specified. The default is to listen on all local
         addresses. Multiple ListenAddress options are permitted.
         Additionally, any Port options must precede this option for non-
         port-qualified addresses.

     LoginGraceTime

         The server disconnects after this time (in seconds) if the user has
         not successfully logged in. If the value is 0, there is no time
         limit. The default is 120 (seconds). Because unauthenticated
         connections count against MaxStartups until they authenticate or
         the grace time expires, a value of 0 lets idle clients hold those
         slots indefinitely.
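     The following Python program is an added example and is not part of
     this manual page or of sshd itself. It resolves a sequence of Port and
     ListenAddress lines (Port is described below) into the (address, port)
     pairs the rules above yield: the three ListenAddress forms, the default
     port 22, an unqualified ListenAddress taking every Port that precedes
     it, and a Port that follows an unqualified ListenAddress being
     rejected. Writing "all local addresses" as "*" is a notation chosen for
     this example; the configuration lines are constructed.

```python
"""Added example; not part of the sshd_config(4) page or of sshd's own code.

Resolves Port and ListenAddress lines into the set of (address, port)
bindings described by the ListenAddress entry. "*" stands for "all local
addresses" (a notation chosen here, not sshd's).
"""

DEFAULT_PORT = 22


def parse_listen_address(arg):
    """Return (address, port or None) for the three documented forms:
    host|IPv4|IPv6, host|IPv4:port, and [host|IPv6]:port."""
    if arg.startswith("["):
        end = arg.find("]")
        if end < 0:
            raise ValueError("unterminated '[' in ListenAddress " + arg)
        addr, rest = arg[1:end], arg[end + 1:]
        if rest == "":
            return addr, None
        if not rest.startswith(":") or not rest[1:].isdigit():
            raise ValueError("bad ListenAddress " + arg)
        return addr, int(rest[1:])
    if arg.count(":") > 1:          # bare IPv6 literal: the colons belong to it
        return arg, None
    if ":" in arg:                  # host name or IPv4 address with a port
        addr, port = arg.split(":", 1)
        if not port.isdigit():
            raise ValueError("bad port in ListenAddress " + arg)
        return addr, int(port)
    return arg, None


def resolve_listen_set(config_lines):
    """Walk sshd_config lines in file order; return the sorted, de-duplicated
    list of (address, port) pairs sshd would bind."""
    ports, binds, seen_unqualified = [], [], False
    for raw in config_lines:
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(None, 1)
        keyword = fields[0].lower()
        arg = fields[1].strip() if len(fields) > 1 else ""
        if keyword == "port":
            if seen_unqualified:
                # The page: Port options must precede a non-port-qualified
                # ListenAddress, otherwise that address would miss this port.
                raise ValueError("Port must precede ListenAddress: " + raw)
            ports.append(int(arg))
        elif keyword == "listenaddress":
            addr, port = parse_listen_address(arg)
            if port is not None:
                binds.append((addr, port))
            else:
                seen_unqualified = True
                binds.extend((addr, p) for p in (ports or [DEFAULT_PORT]))
    if not binds:
        binds = [("*", p) for p in (ports or [DEFAULT_PORT])]
    return sorted(set(binds))


if __name__ == "__main__":
    # Constructed sample: two ports, one unqualified and one qualified address.
    sample = ["Port 22", "Port 2222", "ListenAddress 10.0.0.1",
              "ListenAddress [2001:db8::1]:2222", "# ListenAddress 0.0.0.0"]
    print(resolve_listen_set(sample))
```

     A host name in ListenAddress is resolved at startup; the example keeps
     it as a string rather than resolving it, since the binding set is what
     matters for review.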
     LogLevel

         Gives the verbosity level that is used when logging messages from
         sshd. The possible values are: QUIET, FATAL, ERROR, INFO, VERBOSE,
         DEBUG, DEBUG1, DEBUG2, and DEBUG3. The default is INFO. DEBUG and
         DEBUG1 are equivalent; DEBUG2 and DEBUG3 each specify higher
         levels of debugging output. Logging with level DEBUG violates the
         privacy of users and is not recommended.

     LookupClientHostnames

         Specifies whether or not to look up the names of clients'
         addresses. Defaults to yes.

     MACs

         Specifies the available MAC (message authentication code)
         algorithms. The MAC algorithm is used in protocol version 2 for
         data integrity protection. Multiple algorithms must be comma-
         separated. The default is
         hmac-md5,hmac-sha1,hmac-sha1-96,hmac-md5-96. The MD5-based and
         truncated (-96) algorithms should be avoided where clients support
         hmac-sha1.

     MaxStartups

         Specifies the maximum number of concurrent unauthenticated
         connections to the sshd daemon. Additional connections are dropped
         until authentication succeeds or the LoginGraceTime expires for a
         connection. The default is 10.

         Alternatively, random early drop can be enabled by specifying the
         three colon-separated values start:rate:full (for example,
         10:30:60). Referring to this example, sshd refuses connection
         attempts with a probability of rate/100 (30% in our example) if
         there are currently 10 (from the start field) unauthenticated
         connections. The probability increases linearly and all connection
         attempts are refused if the number of unauthenticated connections
         reaches full (60 in our example).

     PasswordAuthentication

         Specifies whether password authentication is allowed. The default
         is yes. This option applies to both protocol versions 1 and 2.

     PermitEmptyPasswords

         When password or keyboard-interactive authentication is allowed, it
         specifies whether the server allows login to accounts with empty
         password strings.
         If not set then the /etc/default/login PASSREQ value is used
         instead.

         PASSREQ=no is equivalent to PermitEmptyPasswords yes. PASSREQ=yes
         is equivalent to PermitEmptyPasswords no. If neither
         PermitEmptyPasswords nor PASSREQ is set, the default is no.

     PermitRootLogin

         Specifies whether root can log in using ssh(1). The argument
         must be yes, without-password, forced-commands-only, or no.
         without-password means that root cannot be authenticated using the
         "password" or "keyboard-interactive" methods (see description of
         KbdInteractiveAuthentication). forced-commands-only means that
         authentication is allowed only for publickey (for SSHv2, or RSA,
         for SSHv1) and only if the matching authorized_keys entry for root
         has a command=<cmd> option.

         In Solaris, the default /etc/ssh/sshd_config file is shipped with
         PermitRootLogin set to no. If unset by the administrator, then the
         CONSOLE parameter from /etc/default/login supplies the default
         value as follows: if the CONSOLE parameter is not commented out (it
         can even be empty, that is, "CONSOLE="), then without-password is
         used as the default value. If CONSOLE is commented out, then the
         default for PermitRootLogin is yes. An administrator who removes
         the PermitRootLogin line should therefore check /etc/default/login,
         since commenting out CONSOLE then silently permits password logins
         for root over ssh.

         The without-password and forced-commands-only settings are useful
         for, for example, performing remote administration and backups
         using trusted public keys for authentication of the remote client,
         without allowing access to the root account using passwords.

     PermitUserEnvironment

         Specifies whether a user's ~/.ssh/environment on the server side
         and environment options in the AuthorizedKeysFile file are
         processed by sshd. The default is no. Enabling environment
         processing can enable users to bypass access restrictions in some
         configurations using mechanisms such as LD_PRELOAD.
         Environment settings from a relevant entry in the AuthorizedKeysFile
         file are processed only if the user was authenticated using the
         public key authentication method. Of the two files used, values of
         variables set in ~/.ssh/environment have higher priority.

     PidFile

         Allows you to specify an alternative to /var/run/sshd.pid, the
         default file for storing the PID of the sshd listening for
         connections. See sshd(1M).

     Port

         Specifies the port number that sshd listens on. The default is 22.
         Multiple options of this type are permitted. See also
         ListenAddress.

     PrintLastLog

         Specifies whether sshd should display the date and time when the
         user last logged in. The default is yes.

     PrintMotd

         Specifies whether sshd should display the contents of /etc/motd
         when a user logs in interactively. (On some systems it is also
         displayed by the shell or a shell startup file, such as
         /etc/profile.) The default is yes.

     Protocol

         Specifies the protocol versions sshd should support in order of
         preference. The possible values are 1 and 2. Multiple versions must
         be comma-separated. The default is 2,1, which means the server
         accepts both versions; a connecting client normally tries version 2
         and falls back to version 1 only if the server does not offer 2.
         Protocol version 1 has known cryptographic weaknesses and should
         be disabled (Protocol 2) unless legacy clients require it.

     PubkeyAuthentication

         Specifies whether public key authentication is allowed. The default
         is yes. This option applies to protocol version 2 only.

     RhostsAuthentication

         Specifies whether authentication using rhosts or /etc/hosts.equiv
         files is sufficient. Normally, this method should not be permitted
         because it is insecure. RhostsRSAAuthentication should be used
         instead, because it performs RSA-based host authentication in
         addition to normal rhosts or /etc/hosts.equiv authentication. The
         default is no. This parameter applies only to protocol version 1.
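     The following Python program is an added example and is not part of
     this manual page or of sshd itself. It implements the MaxStartups rule
     described above: nothing is dropped below start unauthenticated
     connections, at start a new connection is refused with probability
     rate/100, the probability rises linearly, and at full every new
     connection is refused. The plain single-number form is treated here as
     start = full = that number, which matches the page's description of it.
     The simulation uses a seeded generator so its result is reproducible.

```python
"""Added example; not part of the sshd_config(4) page or of sshd's own code.

MaxStartups random early drop: start:rate:full as described on the page.
"""
import random


def parse_max_startups(value):
    """'10' -> (10, 100, 10); '10:30:60' -> (10, 30, 60)."""
    parts = value.split(":")
    if len(parts) == 1:
        limit = int(parts[0])
        return limit, 100, limit          # drop everything once the limit is hit
    if len(parts) != 3:
        raise ValueError("MaxStartups expects N or start:rate:full, got %r" % value)
    start, rate, full = (int(p) for p in parts)
    if start <= 0 or full < start or not 0 <= rate <= 100:
        raise ValueError("MaxStartups out of range: %r" % value)
    return start, rate, full


def drop_probability(unauthenticated, start, rate, full):
    """Percentage chance that the next connection is refused at this load."""
    if unauthenticated < start:
        return 0.0
    if unauthenticated >= full:
        return 100.0
    # Linear ramp from rate% at `start` to 100% at `full`.
    return rate + (100.0 - rate) * (unauthenticated - start) / (full - start)


def should_drop(unauthenticated, start, rate, full, rng):
    """One per-connection random draw from [0, 100) against the probability."""
    return rng.randrange(100) < drop_probability(unauthenticated, start, rate, full)


def observed_drop_rate(unauthenticated, setting, trials=20000, seed=1):
    """Fraction of `trials` connection attempts refused at a fixed load."""
    start, rate, full = parse_max_startups(setting)
    rng = random.Random(seed)
    refused = sum(should_drop(unauthenticated, start, rate, full, rng)
                  for _ in range(trials))
    return refused / trials


if __name__ == "__main__":
    start, rate, full = parse_max_startups("10:30:60")
    for load in (5, 10, 35, 60):
        print(load, drop_probability(load, start, rate, full),
              observed_drop_rate(load, "10:30:60"))
```

     The ramp is what keeps a connection flood from locking out everyone:
     with 10:30:60 a legitimate client still gets through 70% of the time at
     the start threshold and is only refused outright at 60 pending
     connections, each of which can hold its slot for at most
     LoginGraceTime.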
     RhostsRSAAuthentication

         Specifies whether rhosts or /etc/hosts.equiv authentication
         together with successful RSA host authentication is allowed. The
         default is no. This parameter applies only to protocol version 1.

     RSAAuthentication

         Specifies whether pure RSA authentication is allowed. The default
         is yes. This option applies to protocol version 1 only.

     ServerKeyBits

         Defines the number of bits in the ephemeral protocol version 1
         server key. The minimum value is 512, and the default is 768.

     StrictModes

         Specifies whether sshd should check file modes and ownership of the
         user's files and home directory before accepting login. This is
         normally desirable because novices sometimes accidentally leave
         their directory or files world-writable, which would let any local
         user plant keys in that account's authorized_keys file. The
         default is yes.

     Subsystem

         Configures an external subsystem (for example, a file transfer
         daemon). Arguments should be a subsystem name and a command to
         execute upon subsystem request. The command sftp-server(1M)
         implements the sftp file transfer subsystem.

         Alternately, the name internal-sftp implements an in-process sftp
         server. This can simplify configurations using ChrootDirectory to
         force a different filesystem root on clients.

         By default, no subsystems are defined. This option applies to
         protocol version 2 only.

     SyslogFacility

         Gives the facility code that is used when logging messages from
         sshd. The possible values are: DAEMON, USER, AUTH, LOCAL0, LOCAL1,
         LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6, and LOCAL7. The default is
         AUTH.

     UseOpenSSLEngine

         Specifies whether sshd should use the OpenSSL PKCS#11 engine for
         offloading cryptographic operations to the Cryptographic Framework.
         Cryptographic operations are accelerated according to the available
         installed plug-ins.
         When no suitable plug-ins are present this option does not have an
         effect. The default is yes.

     VerifyReverseMapping

         Specifies whether sshd should try to verify the remote host name
         and check that the resolved host name for the remote IP address
         maps back to the very same IP address. (A yes setting means
         "verify".) Setting this parameter to no can be useful where DNS
         servers might be down and thus cause sshd to spend much time trying
         to resolve the client's IP address to a name; the no setting is
         therefore the practical choice for Internet-facing servers. The
         default is no.

     X11DisplayOffset

         Specifies the first display number available for sshd's X11
         forwarding. This prevents sshd from interfering with real X11
         servers. The default is 10.

     X11Forwarding

         Specifies whether X11 forwarding is permitted. The default is yes.
         Disabling X11 forwarding does not prevent users from forwarding
         X11 traffic, as users can always install their own forwarders, so
         it does not by itself protect the server.

         When X11 forwarding is enabled, there can be additional exposure to
         the server and to client displays if the sshd proxy display is
         configured to listen on the wildcard address (see X11UseLocalhost).
         However, this is not the default. Additionally, the authentication
         spoofing and authentication data verification and substitution
         occur on the client side. The security risk of using X11 forwarding
         is that the client's X11 display server can be exposed to attack
         when the ssh client requests forwarding (see the warnings for
         ForwardX11 in ssh_config(4)). A system administrator who wants to
         protect clients that expose themselves to attack by unwittingly
         requesting X11 forwarding should specify a no setting.
     X11UseLocalhost

         Specifies whether sshd should bind the X11 forwarding server to the
         loopback address or to the wildcard address. By default, sshd binds
         the forwarding server to the loopback address and sets the hostname
         part of the DISPLAY environment variable to localhost. This
         prevents remote hosts from connecting to the proxy display.
         However, some older X11 clients might not function with this
         configuration. X11UseLocalhost can be set to no to specify that the
         forwarding server should be bound to the wildcard address. The
         argument must be yes or no. The default is yes.

     XAuthLocation

         Specifies the location of the xauth(1) program. The default is
         /usr/X11/bin/xauth and sshd attempts to open it when X11 forwarding
         is enabled.

Time Formats
     sshd command-line arguments and configuration file options that specify
     time can be expressed as a sequence of one or more elements of the
     form time[qualifier], where time is a positive integer value and
     qualifier is one of the following:

         <none>    seconds
         s | S     seconds
         m | M     minutes
         h | H     hours
         d | D     days
         w | W     weeks

     Each element of the sequence is added together to calculate the total
     time value. For example:

         600       600 seconds (10 minutes)
         10m       10 minutes
         1h30m     1 hour, 30 minutes (90 minutes)

FILES
     /etc/ssh/sshd_config
                    Contains configuration data for sshd. This file
                    should be writable by root only, but it is
                    recommended (though not necessary) that it be
                    world-readable.
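     The following Python program is an added example and is not part of
     this manual page or of sshd itself. It audits an sshd_config against
     rules stated on this page: the effective PermitRootLogin and
     PermitEmptyPasswords when those keywords are unset (derived from CONSOLE
     and PASSREQ in /etc/default/login), Protocol 1, the CBC and arcfour
     ciphers and the MD5-based or truncated MACs in the default lists, and a
     LoginGraceTime of 0 after applying the Time Formats suffixes. Two
     assumptions not stated on the page: sshd keeps the first value it reads
     for a keyword, and an absent CONSOLE line counts as commented out. Both
     sample files are constructed for the example.

```python
"""Added example; not part of the sshd_config(4) page or of sshd's own code.

Audits an sshd_config plus /etc/default/login against the rules this page
states. Assumptions: first occurrence of a keyword wins; an absent CONSOLE
line is treated like a commented-out one.
"""
import re

DEFAULT_CIPHERS = "aes128-ctr,aes192-ctr,aes256-ctr,arcfour128,arcfour256,arcfour"
DEFAULT_MACS = "hmac-md5,hmac-sha1,hmac-sha1-96,hmac-md5-96"
WEAK_CIPHER = re.compile(r"-cbc$|^arcfour")      # CBC modes and RC4 variants
WEAK_MAC = re.compile(r"md5|-96$")               # MD5-based and truncated MACs
TIME_UNITS = {"": 1, "s": 1, "m": 60, "h": 3600, "d": 86400, "w": 604800}


def parse_time(value):
    """'600', '10m', '1h30m' -> seconds, as in the Time Formats section."""
    if not re.fullmatch(r"(?:\d+[sSmMhHdDwW]?)+", value):
        raise ValueError("bad time value %r" % value)
    return sum(int(num) * TIME_UNITS[unit.lower()]
               for num, unit in re.findall(r"(\d+)([sSmMhHdDwW]?)", value))


def parse_sshd_config(text):
    """Lower-cased keyword -> value. Lines starting with '#' and empty lines
    are comments; the first occurrence of a keyword wins (assumption)."""
    cfg = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(None, 1)
        cfg.setdefault(fields[0].lower(), fields[1].strip() if len(fields) > 1 else "")
    return cfg


def parse_default_login(text):
    """NAME -> value for the uncommented NAME=value lines of /etc/default/login.
    A present but empty 'CONSOLE=' still counts as present."""
    values = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        name, _, value = line.partition("=")
        values[name.strip()] = value.strip()
    return values


def effective_permit_root_login(cfg, login_defaults):
    if "permitrootlogin" in cfg:
        return cfg["permitrootlogin"].lower()
    return "without-password" if "CONSOLE" in login_defaults else "yes"


def effective_permit_empty_passwords(cfg, login_defaults):
    if "permitemptypasswords" in cfg:
        return cfg["permitemptypasswords"].lower()
    return "yes" if login_defaults.get("PASSREQ", "").lower() == "no" else "no"


def audit(sshd_config_text, default_login_text):
    """Return a list of findings; an empty list means nothing was flagged."""
    cfg = parse_sshd_config(sshd_config_text)
    login = parse_default_login(default_login_text)
    findings = []
    if effective_permit_root_login(cfg, login) == "yes":
        findings.append("PermitRootLogin is effectively yes")
    if effective_permit_empty_passwords(cfg, login) == "yes":
        findings.append("PermitEmptyPasswords is effectively yes")
    if "1" in cfg.get("protocol", "2,1").split(","):
        findings.append("Protocol 1 is enabled")
    weak = [c for c in cfg.get("ciphers", DEFAULT_CIPHERS).split(",") if WEAK_CIPHER.search(c)]
    if weak:
        findings.append("weak ciphers: " + ",".join(weak))
    weak = [m for m in cfg.get("macs", DEFAULT_MACS).split(",") if WEAK_MAC.search(m)]
    if weak:
        findings.append("weak MACs: " + ",".join(weak))
    if parse_time(cfg.get("logingracetime", "120")) == 0:
        findings.append("LoginGraceTime 0 disables the login timeout")
    return findings


# Constructed sample inputs, not real system files.
LAX_CONFIG = """# PermitRootLogin and PermitEmptyPasswords left unset on purpose
Protocol 2,1
#PermitRootLogin no
Ciphers aes128-ctr,aes128-cbc,arcfour
LoginGraceTime 0
"""
LAX_LOGIN_DEFAULTS = "#CONSOLE=/dev/console\nPASSREQ=no\n"
HARDENED_CONFIG = """Protocol 2
PermitRootLogin no
PermitEmptyPasswords no
Ciphers aes256-ctr,aes192-ctr,aes128-ctr
MACs hmac-sha1
LoginGraceTime 1m
"""
STRICT_LOGIN_DEFAULTS = "CONSOLE=\nPASSREQ=yes\n"

if __name__ == "__main__":
    for finding in audit(LAX_CONFIG, LAX_LOGIN_DEFAULTS):
        print("FINDING:", finding)
    print("hardened:", audit(HARDENED_CONFIG, STRICT_LOGIN_DEFAULTS))
```

     The lax sample shows the trap the PermitRootLogin entry warns about:
     with the keyword commented out and CONSOLE commented out in
     /etc/default/login, root may log in with a password, and PASSREQ=no
     additionally permits empty passwords.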
ATTRIBUTES
     See attributes(5) for descriptions of the following attributes:

     +--------------------+-----------------+
     |   ATTRIBUTE TYPE   | ATTRIBUTE VALUE |
     +--------------------+-----------------+
     |Interface Stability | Uncommitted     |
     +--------------------+-----------------+

SEE ALSO
     login(1), sshd(1M), chroot(2), ssh_config(4), attributes(5),
     kerberos(5)

AUTHORS
     OpenSSH is a derivative of the original and free ssh 1.2.12 release by
     Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos,
     Theo de Raadt, and Dug Song removed many bugs, re-added recent
     features, and created OpenSSH. Markus Friedl contributed the support
     for SSH protocol versions 1.5 and 2.0. Niels Provos and Markus Friedl
     contributed support for privilege separation.

                               January 17, 2013                  SSHD_CONFIG(4)