Securing-Optimizing-RH-Linux-1_2_187
Comments and suggestions concerning this book should be mailed to gmourani@videotron.ca
© Copyright 1999-2000 Gerhard Mourani and Open Network Architecture ®
187
This option PasswordGuesses specifies how many tries the user has when using password
authentication.
MaxConnections 5
This option MaxConnections specifies what is the maximum number of connections that ssh2
daemon will handle simultaneously.
PermitRootLogin no
This option PermitRootLogin specifies whether root can log in using ssh. Never say, yes to this
option.
AllowedAuthentications publickey,password
This option AllowedAuthentications specifies which authentications methods are allow to be
used. With this option the administrator can force users to complete several authentications
before they are considered authenticated.
RequiredAuthentications publickey,password
This option RequiredAuthentications related to AllowedAuthentications, specifies which
authentication methods the users must complete before continuing. This parameter must be the
same as for AllowedAuthentications option or, the server will denies connection every time.
VerboseMode no
This option VerboseMode specifies ssh2 daemon to print debugging messages about its
progress. This option is helpful in debugging connection, authentication, and configuration
problems.
PrintMotd yes
This option PrintMotd specifies whether ssh2 daemon should print the content of the /etc/motd
file when a user logs in interactively. The /etc/motd file is also know as the message of the
day.
CheckMail yes
This option CheckMail specifies whether ssh2 daemon should print information about new mail
you may have.
UserConfigDirectory "%D/.ssh2"
This option UserConfigDirectory specifies the default location for user-specific configuration
data.
SyslogFacility DAEMON
This option SyslogFacility specifies the facility code used when logging messages from ssh2
daemon. The facility specifies the subsystem that produced the message, in our case DAEMON.
Ssh1Compatibility no
This option Ssh1Compatibility specifies whether to use SSH1 compatibility code with SSH2 for
ssh1 users.
NoDelay yes
This option NoDelay specifies if socket option TCP_NODELAY must be enable. It is
recomanded to set this option to yes to improve network performance.
KeepAlive yes
This option KeepAlive specifies whether the system should send keep alive messages to the
remote server. If set to yes then death of the connection or crash of remote machines will be
properly noticed.