# SSH configuration file. # # Some options are set even if they are default to prevent /etc/ssh/ssh_config # from overwriting them. # Copyright (C) 2011-2013 Simon Ruderich # # This file is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # This file is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this file. If not, see . # Undocumented (and not very well tested) feature. This drops the connection # after 5 seconds of inactivity. Thanks to shad0VV in #openssh on Freenode # (2012-11-04 18:40 CET) for telling me about this undocumented feature. # # ServerAliveCountMax 0 # ServerAliveInterval 5 # Rules for all hosts. Host * # Force protocol version 2 which is more secure. Protocol 2 # Disable X11 and agent forwarding for security reasons. ForwardX11 no ForwardAgent no # Don't trust remote X11 clients. If enabled allows bad admins complete access # to local X11! ForwardX11Trusted no # Abort if not all requested port forwardings can be set up. ExitOnForwardFailure yes # Allow using -M (ControlMaster) to create a master SSH session which # "tunnels" other connections to the same host, thus reducing the number of # authentications (which are relatively slow) and TCP connections. The master # sockets are stored in ~/.ssh (by default ControlPath is not set). ControlPath ~/.ssh/master-%l-%h-%p-%r # Don't send any environment variables. SendEnv # Check host IP in known_hosts when connecting to detect DNS spoofing. CheckHostIP yes # Ask before adding any host keys to ~/.ssh/known_hosts. StrictHostKeyChecking ask