
This is the Title of the Book, eMatter Edition
Copyright © 2007 O’Reilly & Associates, Inc. All rights reserved.
Secure Shell Background and Basic Use
|
127
There are many other options in addition to these; some of them are covered in
“Intermediate and Advanced SSH” (later in this chapter). Refer to the ssh(1)
manpage for a complete list.
Configuring and Running sshd, the Secure Shell Daemon
Editing ssh_config is sufficient if the hosts you connect to are administered by other
people. But we haven’t yet talked about configuring your own host to accept ssh con-
nections.
Like the ssh client, sshd’s default behavior is configured in a single file, sshd_config,
that resides either in /etc or wherever else you specified in SSH’s configuration direc-
tory. As with the ssh client, settings in its configuration file are overridden by com-
mand-line arguments. Unlike ssh, however, there are no configuration files for the
daemon in individual users’ home directories; ordinary users can’t dictate how the
daemon behaves.
Table 4-2 lists just a few of the things that can be set in sshd_config.
ForwardX11
Yes, No (Default=No) Whether to redirect X connections over the
encrypted tunnel and to set
DISPLAY vari-
able accordingly. Very handy feature!
PasswordAuthentication
Yes, No (Default=Yes) Whether to attempt (encrypted) Unix pass-
word authentication in addition to or instead
of trying RSA/DSA.
Table 4-2. Some sshd_config ...