SSH config file changed format?
Dotan Cohen
dotancohen at gmail.com
Sun Jan 28 12:09:21 UTC 2007
On 28/01/07, Steve Searle <steve at stevesearle.com> wrote:
> Around 11:46am on Sunday, January 28, 2007 (UK time), Dotan Cohen scrawled:
>
> > I tried adding these options to /etc/ssh/ssh_config:
> > Protocol 2
> > PermitRootLogin no
> > AllowUsers myUserName
> > MaxAuthTries 4
> >
>
> I just checked these in my working FC6 config file, and at firt glance
> they seem OK. I don't have the AllowUsers one, and the MaxAuthTries is
> commented out. It may be worth posting all of your config file.
>
> Also, what version do you have installed? I have:
>
> openssh-server.i386 4.2p1-fc4.10
>
> Steve
# ssh -V
OpenSSH_4.3p2, OpenSSL 0.9.8b 04 May 2006
Here is /etc/ssh/ssh_config:
# cat /etc/ssh/ssh_config
# $OpenBSD: ssh_config,v 1.21 2005/12/06 22:38:27 reyk Exp $
# This is the ssh client system-wide configuration file. See
# ssh_config(5) for more information. This file provides defaults for
# users, and the values can be changed in per-user configuration files
# or on the command line.
# Configuration data is parsed as follows:
# 1. command line options
# 2. user-specific file
# 3. system-wide file
# Any configuration value is only changed the first time it is set.
# Thus, host-specific definitions should be at the beginning of the
# configuration file, and defaults at the end.
# Site-wide defaults for some commonly used options. For a comprehensive
# list of available options, their meanings and defaults, please see the
# ssh_config(5) man page.
# Host *
# ForwardAgent no
# ForwardX11 no
# RhostsRSAAuthentication no
# RSAAuthentication yes
# PasswordAuthentication yes
# HostbasedAuthentication no
# BatchMode no
# CheckHostIP yes
# AddressFamily any
# ConnectTimeout 0
# StrictHostKeyChecking ask
# IdentityFile ~/.ssh/identity
# IdentityFile ~/.ssh/id_rsa
# IdentityFile ~/.ssh/id_dsa
# Port 22
# Protocol 2,1
# Cipher 3des
# Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc
# EscapeChar ~
# Tunnel no
# TunnelDevice any:any
# PermitLocalCommand no
Host *
GSSAPIAuthentication yes
# If this option is set to yes then remote X11 clients will have full access
# to the original X11 display. As virtually no X11 client supports the untrusted
# mode correctly we set this to yes.
ForwardX11Trusted yes
# Send locale-related environment variables
SendEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE
LC_MONETARY LC_MESSAGES
SendEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
SendEnv LC_IDENTIFICATION LC_ALL
Protocol 2
PermitRootLogin no
AllowUsers myUserName
MaxAuthTries 4
Of course, I change myUserName to what it should be! Thanks.
Dotan Cohen
http://lyricslist.com/lyrics/artist_albums/568/5th_ward_boyz.html
http://bybon.com
More information about the fedora-list
mailing list