/home/wpollock.com/wpollock> ls -ld . .ssh .ssh/* drwxr-xr-x 9 wpollock wpollock 4096 Jul 26 10:57 ./ drwxr-xr-x 2 wpollock wpollock 4096 Jul 26 11:28 .ssh/ -rw-r--r-- 1 wpollock wpollock 620 Jul 26 11:28 .ssh/authorized_keys -rw------- 1 wpollock wpollock 672 Jul 26 11:27 .ssh/id_dsa -rw-r--r-- 1 wpollock wpollock 620 Jul 26 11:27 .ssh/id_dsa.pub [root@ybor /etc]# cd /etc/ssh [root@ybor ssh]# ls -la total 68 drwxr-xr-x 2 root root 4096 Jul 27 12:57 . drwxr-xr-x 44 root root 4096 Jul 27 12:32 .. -rw------- 1 root root 26287 Jun 17 00:51 moduli -rw-r--r-- 1 root root 1100 Jul 27 12:21 ssh_config -rw------- 1 root root 668 Jul 26 10:32 ssh_host_dsa_key -rw-r--r-- 1 root root 590 Jul 26 10:32 ssh_host_dsa_key.pub -rw------- 1 root root 515 Jul 26 10:32 ssh_host_key -rw-r--r-- 1 root root 319 Jul 26 10:32 ssh_host_key.pub -rw------- 1 root root 887 Jul 26 10:32 ssh_host_rsa_key -rw-r--r-- 1 root root 210 Jul 26 10:32 ssh_host_rsa_key.pub -rw------- 1 root root 1795 Jul 27 12:57 sshd_config [root@ybor ssh]# cat sshd_config # $OpenBSD: sshd_config,v 1.38 2001/04/15 21:41:29 deraadt Exp $ # This sshd was compiled with PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin # This is the sshd server system-wide configuration file. See sshd(8) # for more information. Port 22 #Protocol 2,1 ListenAddress 0.0.0.0 #ListenAddress :: HostKey /etc/ssh/ssh_host_key HostKey /etc/ssh/ssh_host_rsa_key HostKey /etc/ssh/ssh_host_dsa_key ServerKeyBits 1024 LoginGraceTime 600 KeyRegenerationInterval 3600 PermitRootLogin yes # # Don't read ~/.rhosts and ~/.shosts files IgnoreRhosts yes # Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication #IgnoreUserKnownHosts yes StrictModes yes X11Forwarding no X11DisplayOffset 10 PrintMotd yes #PrintLastLog no KeepAlive yes # Logging SyslogFacility AUTH #LogLevel DEBUG LogLevel INFO #obsoletes QuietMode and FascistLogging RhostsAuthentication no # # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts RhostsRSAAuthentication no # similar for protocol version 2 HostbasedAuthentication no # RSAAuthentication yes # To disable tunneled clear text passwords, change to no here! PasswordAuthentication yes PermitEmptyPasswords no # Uncomment to disable s/key passwords #ChallengeResponseAuthentication no # Uncomment to enable PAM keyboard-interactive authentication # Warning: enabling this may bypass the setting of 'PasswordAuthentication' #PAMAuthenticationViaKbdInt yes # To change Kerberos options #KerberosAuthentication no #KerberosOrLocalPasswd yes #AFSTokenPassing no #KerberosTicketCleanup no # Kerberos TGT Passing does only work with the AFS kaserver #KerberosTgtPassing yes #CheckMail yes #UseLogin no #MaxStartups 10:30:60 Banner /etc/issue.net #ReverseMappingCheck yes Subsystem sftp /usr/libexec/openssh/sftp-server [root@ybor ssh]# cat ssh_config # $OpenBSD: ssh_config,v 1.10 2001/04/03 21:19:38 todd Exp $ # This is ssh client systemwide configuration file. See ssh(1) for more # information. This file provides defaults for users, and the values can # be changed in per-user configuration files or on the command line. # Configuration data is parsed as follows: # 1. command line options # 2. user-specific file # 3. system-wide file # Any configuration value is only changed the first time it is set. # Thus, host-specific definitions should be at the beginning of the # configuration file, and defaults at the end. # Site-wide defaults for various options Host * Compression yes CompressionLevel 6 KeepAlive yes # ForwardAgent no # ForwardX11 no # RhostsAuthentication no # RhostsRSAAuthentication yes RSAAuthentication yes # PasswordAuthentication yes FallBackToRsh no # UseRsh no # BatchMode no # CheckHostIP yes # StrictHostKeyChecking yes # IdentityFile ~/.ssh/identity # IdentityFile ~/.ssh/id_dsa # IdentityFile ~/.ssh/id_rsa # Port 22 # Protocol 2,1 # Cipher blowfish EscapeChar ~ [root@ybor ssh]# cd /etc/pam.d [root@ybor pam.d]# ls -l sshd -rw------- 1 root root 410 Jun 17 00:51 sshd [root@ybor pam.d]# cat sshd #%PAM-1.0 auth required pam_abl.so config=/etc/security/pam_abl.conf auth required pam_stack.so service=system-auth account required pam_nologin.so account required pam_stack.so service=system-auth password required pam_stack.so service=system-auth session required pam_stack.so service=system-auth session required pam_loginuid.so