view release on metacpan or  search on metacpan

lib/Config/Model/models/Sshd.pod  view on Meta::CPAN

aes256-cbc 
aes128-ctr 
aes192-ctr 
aes256-ctr 
aes128-gcm@openssh.com 
aes256-gcm@openssh.com 
chacha20-poly1305@openssh.comThe default
is:chacha20-poly1305@openssh.com,

aes128-ctr,aes192-ctr,aes256-ctr, 
aes128-gcm@openssh.com,aes256-gcm@openssh.comThe list of
available ciphers may also be obtained using "ssh -Q
cipher". I< Optional. Type uniline.  > 

=head2 Compression

B<Compression>Specifies whether compression
is enabled after the user has authenticated successfully.
The argument must be B<yes>, B<delayed> (a legacy
synonym for B<yes>) or B<no>. The default is
B<yes>. I< Optional. Type enum. choice: 'yes', 'delayed', 'no'.  > 

=over 4

=item upstream_default value :

yes

=back



=head2 DebianBanner

B<DebianBanner>Specifies whether the
distribution-specified extra version suffix is included
during initial protocol handshake. The default is
B<yes>. I< Optional. Type boolean.  > 

=over 4

=item upstream_default value :

yes

=back



=head2 DisableForwarding

B<DisableForwarding>Disables all forwarding
features, including X11, L<ssh-agent(1)>, TCP and StreamLocal.
This option overrides all other forwarding-related options
and may simplify restricted configurations. I< Optional. Type uniline.  > 

=head2 ExposeAuthInfo

B<ExposeAuthInfo>Writes a temporary file
containing a list of authentication methods and public
credentials (e.g. keys) used to authenticate the user. The
location of the file is exposed to the user session through
the SSH_USER_AUTH environment variable. The default is
B<no>. I< Optional. Type boolean.  > 

=over 4

=item upstream_default value :

no

=back



=head2 FingerprintHash

B<FingerprintHash>Specifies the hash algorithm
used when logging key fingerprints. Valid options are:
B<md5> and B<sha256>. The default is
B<sha256>. I< Optional. Type enum. choice: 'md5', 'sha256'.  > 

=over 4

=item upstream_default value :

sha256

=back



=head2 GSSAPIKeyExchange

B<GSSAPIKeyExchange>Specifies whether key exchange
based on GSSAPI is allowed. GSSAPI key exchange
doesn’t rely on ssh keys to verify host identity. The
default is B<no>. I< Optional. Type boolean.  > 

=over 4

=item upstream_default value :

no

=back



=head2 GSSAPICleanupCredentials

B<GSSAPICleanupCredentials>Specifies whether to
automatically destroy the user’s credentials cache on
logout. The default is B<yes>. I< Optional. Type boolean.  > 

=over 4

=item upstream_default value :

yes

=back



=head2 GSSAPIStrictAcceptorCheck

B<GSSAPIStrictAcceptorCheck>Determines whether to be strict
about the identity of the GSSAPI acceptor a client
authenticates against. If set to B<yes> then the client
must authenticate against the host service on the current
hostname. If set to B<no> then the client may
authenticate against any service key stored in the
machine’s default store. This facility is provided to
assist with operation on multi homed machines. The default
is B<yes>. I< Optional. Type boolean.  > 

=over 4

=item upstream_default value :

yes

=back



=head2 GSSAPIStoreCredentialsOnRekey

B<GSSAPIStoreCredentialsOnRekey>Controls whether the
user’s GSSAPI credentials should be updated following
a successful connection rekeying. This option can be used to
accepted renewed or updated credentials from a compatible
client. The default is B<no>. I< Optional. Type boolean.  > 

=over 4

=item upstream_default value :

no

=back



=head2 HostCertificate

B<HostCertificate>Specifies a file containing a
public host certificate. The certificate’s public key
must match a private host key already specified by
B<HostKey>. The default behaviour of L<sshd(8)> is not to
load any certificates. I< Optional. Type uniline.  > 

=head2 HostKey

B<HostKey>Specifies a file containing a
private host key used by SSH. The defaults are
I</etc/ssh/ssh_host_ecdsa_key>,
I</etc/ssh/ssh_host_ed25519_key> and
I</etc/ssh/ssh_host_rsa_key>.Note that
L<sshd(8)> will refuse to use a file if it is
group/world-accessible and that the B<HostKeyAlgorithms>
option restricts which of the keys are actually used by
L<sshd(8)>.It is possible
to have multiple host key files. It is also possible to
specify public host key files instead. In this case
operations on the private key will be delegated to an
L<ssh-agent(1)>. I< Optional. Type uniline.  > 

=head2 HostKeyAgent

B<HostKeyAgent>Identifies the UNIX-domain
socket used to communicate with an agent that has access to
the private host keys. If the string
"SSH_AUTH_SOCK" is specified, the location of the
socket will be read from the SSH_AUTH_SOCK environment
variable. I< Optional. Type uniline.  > 

=head2 HostKeyAlgorithms

B<HostKeyAlgorithms>Specifies the host key
algorithms that the server offers. The default for this
option is:ecdsa-sha2-nistp256-cert-v01@openssh.com,

ecdsa-sha2-nistp384-cert-v01@openssh.com, 
ecdsa-sha2-nistp521-cert-v01@openssh.com, 
ssh-ed25519-cert-v01@openssh.com, 

rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,

ssh-rsa-cert-v01@openssh.com, 

ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,