SSHD_CONFIG(5)                File Formats Manual                SSHD_CONFIG(5)
sshd_config —
/etc/ssh/sshd_config
      -f on the command line). The file contains keyword-argument pairs, one
      per line. Lines starting with ‘#’ and empty lines are interpreted as
      comments. Arguments may optionally be enclosed in double quotes (") in
      order to represent arguments containing spaces.
The possible keywords and their meanings are as follows (note that keywords are case-insensitive and arguments are case-sensitive):
AcceptEnv
      SendEnv in ssh_config(5) for how to configure the client. Note that
      environment passing is only supported for protocol 2. Variables are
      specified by name, which may contain the wildcard characters ‘*’ and
      ‘?’. Multiple environment variables may be separated by whitespace or
      spread across multiple AcceptEnv directives. Be warned that some
      environment variables could be used to bypass restricted user
      environments. For this reason, care should be taken in the use of this
      directive. The default is not to accept any environment variables.
AddressFamily
AllowAgentForwarding
AllowGroups
      DenyUsers, AllowUsers, DenyGroups, and finally AllowGroups.
      See PATTERNS in ssh_config(5) for more information on patterns.
AllowTcpForwarding
AllowUsers
      DenyUsers, AllowUsers, DenyGroups, and finally AllowGroups.
      See PATTERNS in ssh_config(5) for more information on patterns.
AuthenticationMethods
      For example, an argument of “publickey,password
      publickey,keyboard-interactive” would require the user to complete
      public key authentication, followed by either password or
      keyboard-interactive authentication. Only methods that are next in one
      or more lists are offered at each stage, so for this example, it would
      not be possible to attempt password or keyboard-interactive
      authentication before public key.
      For keyboard-interactive authentication it is also possible to restrict
      authentication to a specific device by appending a colon followed by
      the device identifier “bsdauth”, “pam”, or “skey”, depending on the
      server configuration. For example, “keyboard-interactive:bsdauth” would
      restrict keyboard-interactive authentication to the “bsdauth” device.
      This option is only available for SSH protocol 2 and will yield a fatal
      error if it is enabled while protocol 1 is also enabled. Note that each
      authentication method listed should also be explicitly enabled in the
      configuration. The default is not to require multiple authentication;
      successful completion of a single authentication method is sufficient.
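The stage-by-stage rule above (a method is offered only when it is next in at least one list) as an added example written for this page, not OpenSSH's own code; the `AuthProgress` class and `walk` helper are this example's names, and a “:device” suffix is simply kept as part of the method name:

```python
"""Model of how sshd offers AuthenticationMethods lists stage by stage
(added example for this page, not OpenSSH code)."""


def parse_auth_methods(argument):
    """'publickey,password publickey,keyboard-interactive' becomes
    [['publickey', 'password'], ['publickey', 'keyboard-interactive']].
    A ':device' suffix (keyboard-interactive:bsdauth) stays on the name."""
    lists = [chain.split(",") for chain in argument.split()]
    if not lists or any(not m for chain in lists for m in chain):
        raise ValueError("AuthenticationMethods needs non-empty method lists")
    return lists


class AuthProgress:
    """Tracks the client's position in every list at once."""

    def __init__(self, lists):
        self.lists = lists
        self.position = [0] * len(lists)  # index of the next method per list

    def offered(self):
        """Methods the server offers now: the next method of each unfinished
        list, duplicates collapsed, list order preserved."""
        result = []
        for chain, pos in zip(self.lists, self.position):
            if pos < len(chain) and chain[pos] not in result:
                result.append(chain[pos])
        return result

    def can_attempt(self, method):
        return method in self.offered()

    def complete(self, method):
        """Record a successful method: every list where it was next advances;
        lists waiting for something else are untouched. Returns True once
        any one list has been satisfied end to end."""
        if not self.can_attempt(method):
            raise ValueError(f"{method!r} is not offered at this stage")
        for i, chain in enumerate(self.lists):
            pos = self.position[i]
            if pos < len(chain) and chain[pos] == method:
                self.position[i] = pos + 1
        return self.is_authenticated()

    def is_authenticated(self):
        return any(pos == len(chain)
                   for chain, pos in zip(self.lists, self.position))


def walk(argument, completed):
    """Replay successful methods in order; return (offered_now, authenticated)."""
    progress = AuthProgress(parse_auth_methods(argument))
    done = False
    for method in completed:
        done = progress.complete(method)
    return progress.offered(), done
```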
AuthorizedKeysCommand
      AuthorizedKeysFile files. By default, no AuthorizedKeysCommand is run.
AuthorizedKeysCommandUser
AuthorizedKeysFile
      AuthorizedKeysFile may contain tokens of the form %T which are
      substituted during connection setup. The following tokens are defined:
      %% is replaced by a literal '%', %h is replaced by the home directory of
      the user being authenticated, and %u is replaced by the username of that
      user. After expansion, AuthorizedKeysFile is taken to be an absolute
      path or one relative to the user's home directory. Multiple files may
      be listed, separated by whitespace. The default is
      “.ssh/authorized_keys .ssh/authorized_keys2”.
AuthorizedPrincipalsFile
      TrustedUserCAKeys, this file lists names, one of which must appear in
      the certificate for it to be accepted for authentication. Names are
      listed one per line preceded by key options (as described in
      AUTHORIZED_KEYS FILE FORMAT in sshd(8)). Empty lines and comments
      starting with ‘#’ are ignored.
      AuthorizedPrincipalsFile may contain tokens of the form %T which are
      substituted during connection setup. The following tokens are defined:
      %% is replaced by a literal '%', %h is replaced by the home directory of
      the user being authenticated, and %u is replaced by the username of that
      user. After expansion, AuthorizedPrincipalsFile is taken to be an
      absolute path or one relative to the user's home directory.
      The default is “none”, i.e. not to use a principals file – in this
      case, the username of the user must appear in a certificate's
      principals list for it to be accepted. Note that
      AuthorizedPrincipalsFile is only used when authentication proceeds
      using a CA listed in TrustedUserCAKeys and is not consulted for
      certification authorities trusted via ~/.ssh/authorized_keys, though
      the principals= key option offers a similar facility (see sshd(8) for
      details).
Banner
ChallengeResponseAuthentication
ChrootDirectory
      The pathname may contain the following tokens that are expanded at
      runtime once the connecting user has been authenticated: %% is replaced
      by a literal '%', %h is replaced by the home directory of the user
      being authenticated, and %u is replaced by the username of that user.
      The ChrootDirectory must contain the necessary files and directories to
      support the user's session. For an interactive session this requires at
      least a shell, typically sh(1), and basic /dev nodes such as null(4),
      zero(4), stdin(4), stdout(4), stderr(4), arandom(4) and tty(4) devices.
      For file transfer sessions using “sftp”, no additional configuration of
      the environment is necessary if the in-process sftp server is used,
      though sessions which use logging do require /dev/log inside the chroot
      directory (see sftp-server(8) for details).
      The default is not to chroot(2).
Ciphers
      The default is:
            aes128-ctr,aes192-ctr,aes256-ctr,
            aes128-gcm@openssh.com,aes256-gcm@openssh.com,
            chacha20-poly1305@openssh.com
      The list of available ciphers may also be obtained using the -Q option
      of ssh(1).
ClientAliveCountMax
      TCPKeepAlive (below). The client alive messages are sent through the
      encrypted channel and therefore will not be spoofable. The TCP keepalive
      option enabled by TCPKeepAlive is spoofable. The client alive mechanism
      is valuable when the client or server depend on knowing when a
      connection has become inactive.
      The default value is 3. If ClientAliveInterval (see below) is set to
      15, and ClientAliveCountMax is left at the default, unresponsive SSH
      clients will be disconnected after approximately 45 seconds. This
      option applies to protocol version 2 only.
ClientAliveInterval
Compression
DenyGroups
      DenyUsers, AllowUsers, DenyGroups, and finally AllowGroups.
      See PATTERNS in ssh_config(5) for more information on patterns.
DenyUsers
      DenyUsers, AllowUsers, DenyGroups, and finally AllowGroups.
      See PATTERNS in ssh_config(5) for more information on patterns.
ForceCommand
      ForceCommand, ignoring any command supplied by the client and ~/.ssh/rc
      if present. The command is invoked by using the user's login shell with
      the -c option. This applies to shell, command, or subsystem execution.
      It is most useful inside a Match block. The command originally supplied
      by the client is available in the SSH_ORIGINAL_COMMAND environment
      variable. Specifying a command of “internal-sftp” will force the use of
      an in-process sftp server that requires no support files when used with
      ChrootDirectory.
GatewayPorts
      GatewayPorts can be used to specify that sshd should allow remote port
      forwardings to bind to non-loopback addresses, thus allowing other
      hosts to connect. The argument may be “no” to force remote port
      forwardings to be available to the local host only, “yes” to force
      remote port forwardings to bind to the wildcard address, or
      “clientspecified” to allow the client to select the address to which
      the forwarding is bound. The default is “no”.
GSSAPIAuthentication
GSSAPICleanupCredentials
HostbasedAuthentication
      RhostsRSAAuthentication and applies to protocol version 2 only. The
      default is “no”.
HostbasedUsesNameFromPacketOnly
      HostbasedAuthentication. A setting of “yes” means that sshd(8) uses the
      name supplied by the client rather than attempting to resolve the name
      from the TCP connection itself. The default is “no”.
HostCertificate
      HostKey. The default behaviour of sshd(8) is not to load any
      certificates.
HostKey
HostKeyAgent
      SSH_AUTH_SOCK environment variable.
IgnoreRhosts
      RhostsRSAAuthentication or HostbasedAuthentication. /etc/hosts.equiv
      and /etc/shosts.equiv are still used. The default is “yes”.
IgnoreUserKnownHosts
      RhostsRSAAuthentication or HostbasedAuthentication. The default is
      “no”.
IPQoS
KbdInteractiveAuthentication
      ChallengeResponseAuthentication is set to (by default “yes”).
KerberosAuthentication
      PasswordAuthentication will be validated through the Kerberos KDC. To
      use this option, the server needs a Kerberos servtab which allows the
      verification of the KDC's identity. The default is “no”.
KerberosGetAFSToken
KerberosOrLocalPasswd
KerberosTicketCleanup
KexAlgorithms
      The default is:
            curve25519-sha256@libssh.org,
            ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,
            diffie-hellman-group-exchange-sha256,
            diffie-hellman-group14-sha1
KeyRegenerationInterval
ListenAddress
      ListenAddress host|IPv4_addr|IPv6_addr
      ListenAddress host|IPv4_addr:port
      ListenAddress [host|IPv6_addr]:port
      If port is not specified, sshd will listen on the address and all prior
      Port options specified. The default is to listen on all local
      addresses. Multiple ListenAddress options are permitted. Additionally,
      any Port options must precede this option for non-port qualified
      addresses.
LoginGraceTime
LogLevel
MACs
      The default is:
            umac-64-etm@openssh.com,umac-128-etm@openssh.com,
            hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,
            umac-64@openssh.com,umac-128@openssh.com,
            hmac-sha2-256,hmac-sha2-512
Match
      Match line are satisfied, the keywords on the following lines override
      those set in the global section of the config file, until either
      another Match line or the end of the file. If a keyword appears in
      multiple Match blocks that are satisfied, only the first instance of
      the keyword is applied.
      The arguments to Match are one or more criteria-pattern pairs or the
      single token All which matches all criteria. The available criteria are
      User, Group, Host, LocalAddress, LocalPort, and Address. The match
      patterns may consist of single entries or comma-separated lists and may
      use the wildcard and negation operators described in the PATTERNS
      section of ssh_config(5).
      The patterns in an Address criteria may additionally contain addresses
      to match in CIDR address/masklen format, e.g. “192.0.2.0/24” or
      “3ffe:ffff::/32”. Note that the mask length provided must be consistent
      with the address: it is an error to specify a mask length that is too
      long for the address or one with bits set in the host portion of the
      address. For example, “192.0.2.0/33” (mask too long) and “192.0.2.0/8”
      (host bits set) are both rejected.
      Only a subset of keywords may be used on the lines following a Match
      keyword. Available keywords are AcceptEnv, AllowAgentForwarding,
      AllowGroups, AllowTcpForwarding, AllowUsers, AuthenticationMethods,
      AuthorizedKeysCommand, AuthorizedKeysCommandUser, AuthorizedKeysFile,
      AuthorizedPrincipalsFile, Banner, ChrootDirectory, DenyGroups,
      DenyUsers, ForceCommand, GatewayPorts, GSSAPIAuthentication,
      HostbasedAuthentication, HostbasedUsesNameFromPacketOnly,
      KbdInteractiveAuthentication, KerberosAuthentication, MaxAuthTries,
      MaxSessions, PasswordAuthentication, PermitEmptyPasswords, PermitOpen,
      PermitRootLogin, PermitTTY, PermitTunnel, PubkeyAuthentication,
      RekeyLimit, RhostsRSAAuthentication, RSAAuthentication,
      X11DisplayOffset, X11Forwarding and X11UseLocalHost.
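The Match rules described above (criteria-pattern pairs, comma lists, wildcard and negation operators, and CIDR patterns for Address with the mask-length check), as an added example written for this page rather than OpenSSH's own matching code; `parse_match`, `cidr_valid` and `match_line` are this example's names, and the connection is passed as a dictionary of criterion name to string value:

```python
"""Evaluate an sshd Match line against one connection (added example for
this page; models the rules the text states, not OpenSSH's own code)."""
import fnmatch
import ipaddress

CRITERIA = ("user", "group", "host", "localaddress", "localport", "address")


def parse_match(line):
    """'Match User alice,bob Address 192.0.2.0/24' becomes
    [('user', ['alice', 'bob']), ('address', ['192.0.2.0/24'])].
    'Match All' yields [], which matches every connection."""
    tokens = line.split()
    if tokens and tokens[0].lower() == "match":
        tokens = tokens[1:]
    if len(tokens) == 1 and tokens[0].lower() == "all":
        return []
    if not tokens or len(tokens) % 2:
        raise ValueError("Match needs criteria-pattern pairs or All")
    pairs = []
    for criterion, patterns in zip(tokens[::2], tokens[1::2]):
        if criterion.lower() not in CRITERIA:
            raise ValueError(f"unknown Match criterion {criterion!r}")
        pairs.append((criterion.lower(), patterns.split(",")))
    return pairs


def cidr_valid(pattern):
    """True when address/masklen is consistent; rejects a mask longer than
    the address (192.0.2.0/33) and one with host bits set (192.0.2.0/8)."""
    try:
        ipaddress.ip_network(pattern.lstrip("!"), strict=True)
        return True
    except ValueError:
        return False


def match_pattern_list(value, patterns, cidr=False):
    """PATTERNS semantics: a matching negated (!) entry rejects outright;
    otherwise the value is accepted if any positive entry matched."""
    accepted = False
    for pattern in patterns:
        negate = pattern.startswith("!")
        body = pattern[1:] if negate else pattern
        if cidr and "/" in body:
            if not cidr_valid(body):
                raise ValueError(f"bad address/masklen {body!r}")
            hit = ipaddress.ip_address(value) in ipaddress.ip_network(body)
        else:
            hit = fnmatch.fnmatchcase(value, body)
        if hit and negate:
            return False
        accepted = accepted or hit
    return accepted


def match_line(line, conn):
    """conn maps each criterion name to the connection's value as a string."""
    return all(match_pattern_list(conn[c], p, cidr=(c == "address"))
               for c, p in parse_match(line))
```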
MaxAuthTries
MaxSessions
MaxStartups
      LoginGraceTime expires for a connection. The default is 10:30:100.
      Alternatively, random early drop can be enabled by specifying the three
      colon separated values “start:rate:full” (e.g. "10:30:60"). sshd(8)
      will refuse connection attempts with a probability of “rate/100” (30%)
      if there are currently “start” (10) unauthenticated connections. The
      probability increases linearly and all connection attempts are refused
      if the number of unauthenticated connections reaches “full” (60).
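The random early drop curve described above, as an added example written for this page (not OpenSSH's code): `parse_max_startups`, `drop_probability` and `should_drop` are this example's names, and the random source is injected as a `roll()` callable so the decision can be checked deterministically.

```python
"""Random early drop for MaxStartups start:rate:full (added example for
this page, modelling the wording above; not OpenSSH's own code)."""
import random


def parse_max_startups(argument):
    """'start:rate:full' -> (start, rate, full). rate is a percentage and
    start must not exceed full, otherwise the curve makes no sense."""
    parts = argument.split(":")
    if len(parts) != 3:
        raise ValueError("expected start:rate:full")
    start, rate, full = (int(p) for p in parts)
    if not (start > 0 and full >= start and 0 <= rate <= 100):
        raise ValueError(f"invalid MaxStartups {argument!r}")
    return start, rate, full


def drop_probability(unauth, cfg):
    """Percentage chance (0..100) that a new connection is refused while
    `unauth` connections are still unauthenticated: 0 below start, `rate`
    at start, rising linearly to 100 at full (integer arithmetic)."""
    start, rate, full = cfg
    if unauth < start:
        return 0
    if unauth >= full:  # also covers start == full, avoiding a zero divisor
        return 100
    return rate + (100 - rate) * (unauth - start) // (full - start)


def should_drop(unauth, cfg, roll=lambda: random.randrange(100)):
    """roll() returns a uniform integer in 0..99; refuse when it falls
    under the current drop percentage."""
    return roll() < drop_probability(unauth, cfg)
```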
PasswordAuthentication
PermitEmptyPasswords
PermitOpen
      PermitOpen host:port
      PermitOpen IPv4_addr:port
      PermitOpen [IPv6_addr]:port
      Multiple forwards may be specified by separating them with whitespace.
      An argument of “any” can be used to remove all restrictions and permit
      any forwarding requests. An argument of “none” can be used to prohibit
      all forwarding requests. By default all port forwarding requests are
      permitted.
PermitRootLogin
      If this option is set to “without-password”, password authentication
      is disabled for root.
      If this option is set to “forced-commands-only”, root login with
      public key authentication will be allowed, but only if the command
      option has been specified (which may be useful for taking remote
      backups even if root login is normally not allowed). All other
      authentication methods are disabled for root.
      If this option is set to “no”, root is not allowed to log in.
PermitTunnel
PermitTTY
PermitUserEnvironment
      environment= options in ~/.ssh/authorized_keys are processed by
      sshd(8). The default is “no”. Enabling environment processing may
      enable users to bypass access restrictions in some configurations
      using mechanisms such as LD_PRELOAD.
PidFile
Port
      ListenAddress.
PrintLastLog
PrintMotd
Protocol
PubkeyAuthentication
RekeyLimit
      RekeyLimit is “default none”, which means that rekeying is performed
      after the cipher's default amount of data has been sent or received
      and no time based rekeying is done. This option applies to protocol
      version 2 only.
RevokedKeys
RhostsRSAAuthentication
RSAAuthentication
ServerKeyBits
StrictModes
      ChrootDirectory, whose permissions and ownership are checked
      unconditionally.
Subsystem
      The command sftp-server(8) implements the “sftp” file transfer
      subsystem.
      Alternately the name “internal-sftp” implements an in-process “sftp”
      server. This may simplify configurations using ChrootDirectory to
      force a different filesystem root on clients.
      By default no subsystems are defined. Note that this option applies to
      protocol version 2 only.
SyslogFacility
TCPKeepAlive
      The default is “yes” (to send TCP keepalive messages), and the server
      will notice if the network goes down or the client host crashes. This
      avoids infinitely hanging sessions.
      To disable TCP keepalive messages, the value should be set to “no”.
TrustedUserCAKeys
      #’ are allowed. If a certificate is presented for authentication and
      has its signing CA key listed in this file, then it may be used for
      authentication for any user listed in the certificate's principals
      list. Note that certificates that lack a list of principals will not
      be permitted for authentication using TrustedUserCAKeys. For more
      details on certificates, see the CERTIFICATES section in ssh-keygen(1).
UseDNS
UseLogin
      X11Forwarding will be disabled because login(1) does not know how to
      handle xauth(1) cookies. If UsePrivilegeSeparation is specified, it
      will be disabled after authentication.
UsePAM
      ChallengeResponseAuthentication and PasswordAuthentication in addition
      to PAM account and session module processing for all authentication
      types.
      Because PAM challenge-response authentication usually serves an
      equivalent role to password authentication, you should disable either
      PasswordAuthentication or ChallengeResponseAuthentication.
      If UsePAM is enabled, you will not be able to run sshd(8) as a non-root
      user. The default is “no”.
UsePrivilegeSeparation
      UsePrivilegeSeparation is set to “sandbox” then the pre-authentication
      unprivileged process is subject to additional restrictions.
VersionAddendum
X11DisplayOffset
X11Forwarding
      When X11 forwarding is enabled, there may be additional exposure to the
      server and to client displays if the sshd(8) proxy display is
      configured to listen on the wildcard address (see X11UseLocalhost
      below), though this is not the default. Additionally, the
      authentication spoofing and authentication data verification and
      substitution occur on the client side. The security risk of using X11
      forwarding is that the client's X11 display server may be exposed to
      attack when the SSH client requests forwarding (see the warnings for
      ForwardX11 in ssh_config(5)). A system administrator may have a stance
      in which they want to protect clients that may expose themselves to
      attack by unwittingly requesting X11 forwarding, which can warrant a
      “no” setting.
      Note that disabling X11 forwarding does not prevent users from
      forwarding X11 traffic, as users can always install their own
      forwarders. X11 forwarding is automatically disabled if UseLogin is
      enabled.
X11UseLocalhost
      DISPLAY environment variable to “localhost”. This prevents remote hosts
      from connecting to the proxy display. However, some older X11 clients
      may not function with this configuration. X11UseLocalhost may be set
      to “no” to specify that the forwarding server should be bound to the
      wildcard address. The argument must be “yes” or “no”. The default is
      “yes”.
XAuthLocation
Each member of the sequence is added together to calculate the total time
value.
Time format examples:
March 28, 2014                                                             BSD