78 lines
3.5 KiB
Plaintext
78 lines
3.5 KiB
Plaintext
# $OpenBSD: ssh_config,v 1.30 2016/02/20 23:06:23 sobrado Exp $
|
|
|
|
# This is the ssh client system-wide configuration file. See
|
|
# ssh_config(5) for more information. This file provides defaults for
|
|
# users, and the values can be changed in per-user configuration files
|
|
# or on the command line.
|
|
|
|
# Configuration data is parsed as follows:
|
|
# 1. command line options
|
|
# 2. user-specific file
|
|
# 3. system-wide file
|
|
# Any configuration value is only changed the first time it is set.
|
|
# Thus, host-specific definitions should be at the beginning of the
|
|
# configuration file, and defaults at the end.
|
|
|
|
# Site-wide defaults for some commonly used options. For a comprehensive
|
|
# list of available options, their meanings and defaults, please see the
|
|
# ssh_config(5) man page.
|
|
|
|
# Host *
|
|
# ForwardAgent no
|
|
# ForwardX11 no
|
|
# RhostsRSAAuthentication no
|
|
# RSAAuthentication yes
|
|
# PasswordAuthentication yes
|
|
# HostbasedAuthentication no
|
|
# GSSAPIAuthentication no
|
|
# GSSAPIDelegateCredentials no
|
|
# GSSAPIKeyExchange no
|
|
# GSSAPITrustDNS no
|
|
# BatchMode no
|
|
# CheckHostIP yes
|
|
# AddressFamily any
|
|
# ConnectTimeout 0
|
|
# StrictHostKeyChecking ask
|
|
# IdentityFile ~/.ssh/identity
|
|
# IdentityFile ~/.ssh/id_rsa
|
|
# IdentityFile ~/.ssh/id_dsa
|
|
# IdentityFile ~/.ssh/id_ecdsa
|
|
# IdentityFile ~/.ssh/id_ed25519
|
|
# Port 22
|
|
# Protocol 2
|
|
# Cipher 3des
|
|
# Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc
|
|
# MACs hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160
|
|
# EscapeChar ~
|
|
# Tunnel no
|
|
# TunnelDevice any:any
|
|
# PermitLocalCommand no
|
|
# VisualHostKey no
|
|
# ProxyCommand ssh -q -W %h:%p gateway.example.com
|
|
# RekeyLimit 1G 1h
|
|
#
|
|
# Uncomment this if you want to use .local domain
|
|
# Host *.local
|
|
# CheckHostIP no
|
|
|
|
# Ciphers and keyring
|
|
Ciphers aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes256-ctr,aes256-cbc,aes128-gcm@openssh.com,aes128-ctr,aes128-cbc
|
|
MACs hmac-sha2-256-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha2-256,hmac-sha1,umac-128@openssh.com,hmac-sha2-512
|
|
GSSAPIKexAlgorithms gss-curve25519-sha256-,gss-nistp256-sha256-,gss-group14-sha256-,gss-group16-sha512-,gss-gex-sha1-,gss-group14-sha1-
|
|
KexAlgorithms curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1
|
|
PubkeyAcceptedKeyTypes ecdsa-sha2-nistp256,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519,ssh-ed25519-cert-v01@openssh.com,rsa-sha2-256,rsa-sha2-256-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-512-cert-v01@openssh.com,ssh-rsa,ssh-rsa-cert-v01@openssh.com
|
|
CASignatureAlgorithms ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,rsa-sha2-256,rsa-sha2-512,ssh-rsa
|
|
|
|
|
|
Host *
|
|
GSSAPIAuthentication yes
|
|
# If this option is set to yes then remote X11 clients will have full access
|
|
# to the original X11 display. As virtually no X11 client supports the untrusted
|
|
# mode correctly we set this to yes.
|
|
ForwardX11Trusted yes
|
|
# Send locale-related environment variables
|
|
SendEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
|
|
SendEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
|
|
SendEnv LC_IDENTIFICATION LC_ALL LANGUAGE
|
|
SendEnv XMODIFIERS
|
