Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 106404 Details for
Bug 161384
net-misc/openssh-4.5_p1 - GSSAPIDelegateCredentials yes in ssh_config breaks scp and ssh host command
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
sshd_config
sshd_config.txt (text/plain), 3.59 KB, created by
Spooky Ghost
on 2007-01-10 19:59:43 UTC
(
hide
)
Description:
sshd_config
Filename:
MIME Type:
Creator:
Spooky Ghost
Created:
2007-01-10 19:59:43 UTC
Size:
3.59 KB
patch
obsolete
># $OpenBSD: sshd_config,v 1.74 2006/07/19 13:07:10 dtucker Exp $ > ># This is the sshd server system-wide configuration file. See ># sshd_config(5) for more information. > ># This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin > ># The strategy used for options in the default sshd_config shipped with ># OpenSSH is to specify options with their default value where ># possible, but leave them commented. Uncommented options change a ># default value. > >#Port 22 >Protocol 2 >#AddressFamily any >#ListenAddress 0.0.0.0 >#ListenAddress :: > ># HostKey for protocol version 1 >#HostKey /etc/ssh/ssh_host_key ># HostKeys for protocol version 2 >#HostKey /etc/ssh/ssh_host_rsa_key >#HostKey /etc/ssh/ssh_host_dsa_key > ># Lifetime and size of ephemeral version 1 server key >#KeyRegenerationInterval 1h >#ServerKeyBits 768 > ># Logging ># obsoletes QuietMode and FascistLogging >#SyslogFacility AUTH >#LogLevel INFO > ># Authentication: > >#LoginGraceTime 2m >PermitRootLogin no >#StrictModes yes >#MaxAuthTries 6 > >#RSAAuthentication yes >#PubkeyAuthentication yes >#AuthorizedKeysFile .ssh/authorized_keys > ># For this to work you will also need host keys in /etc/ssh/ssh_known_hosts >#RhostsRSAAuthentication no ># similar for protocol version 2 >#HostbasedAuthentication no ># Change to yes if you don't trust ~/.ssh/known_hosts for ># RhostsRSAAuthentication and HostbasedAuthentication >#IgnoreUserKnownHosts no ># Don't read the user's ~/.rhosts and ~/.shosts files >#IgnoreRhosts yes > ># To disable tunneled clear text passwords, change to no here! >#PasswordAuthentication yes >#PermitEmptyPasswords no > ># Change to no to disable s/key passwords >ChallengeResponseAuthentication no > ># Kerberos options >KerberosAuthentication yes >KerberosOrLocalPasswd no >KerberosTicketCleanup yes >#KerberosGetAFSToken no > ># GSSAPI options >GSSAPIAuthentication yes >GSSAPICleanupCredentials yes > ># Set this to 'yes' to enable PAM authentication, account processing, ># and session processing. If this is enabled, PAM authentication will ># be allowed through the ChallengeResponseAuthentication mechanism. ># Depending on your PAM configuration, this may bypass the setting of ># PasswordAuthentication, PermitEmptyPasswords, and ># "PermitRootLogin without-password". If you just want the PAM account and ># session checks to run without PAM authentication, then enable this but set ># ChallengeResponseAuthentication=no >UsePAM yes > >#AllowTcpForwarding yes >#GatewayPorts no >X11Forwarding yes >#X11DisplayOffset 10 >#X11UseLocalhost yes >#PrintMotd yes >#PrintLastLog yes >#TCPKeepAlive yes >#UseLogin no >#UsePrivilegeSeparation yes >#PermitUserEnvironment no >#Compression delayed >#ClientAliveInterval 0 >#ClientAliveCountMax 3 >#UseDNS yes >#PidFile /var/run/sshd.pid >#MaxStartups 10 >#PermitTunnel no > ># no default banner path >#Banner /some/path > ># here are the new patched ldap related tokens ># entries in your LDAP must have posixAccount & ldapPublicKey objectclass >#UseLPK yes >#LpkLdapConf /etc/ldap.conf >#LpkServers ldap://10.7.33.13 ldap://127.0.0.3 ldap://127.0.0.1/ >LpkServers ldap://ldap >#LpkUserDN ou=People,dc=infis.univ.trieste,dc=it >#LpkUserDN ou=users,dc=phear,dc=org >#LpkGroupDN ou=groups,dc=phear,dc=org >#LpkBindDN cn=Manager,dc=phear,dc=org >#LpkBindPw secret >#LpkServerGroup mail >LpkForceTLS yes >#LpkSearchTimelimit 3 >#LpkBindTimelimit 3 > ># override default of no subsystems >Subsystem sftp /usr/lib/misc/sftp-server > ># Example of overriding settings on a per-user basis >#Match User anoncvs ># X11Forwarding no ># AllowTcpForwarding no ># ForceCommand cvs server >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Actions:
View
Attachments on
bug 161384
: 106404 |
106406