audit_channels (string, rw:r) | |
---|---|
Default: "" | |
A comma separated list of channel types to be audited. See also Section 4.25.2.7, Auditing SSH channels. |
auth_agent_forward (boolean, w:r) | |
---|---|
Default: FALSE | |
Authenticate using the data received from the agent during agent-forwarding. |
client_channel (complex, r:r) | |
---|---|
Default: | |
A normative policy hash defining the action to take when a specific channel type is opened on the client side. See Section 4.25.2.1, Configuring policies for SSH channels for details. |
client_cipher_algos (string, rw:r) | |
---|---|
Default: "aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,3des-cbc,arcfour" | |
A comma separated list of symmetric cipher algorithms permitted on the client side, in the order of preference. See Section 4.25.2.5, Configuring encryption parameters for details. |
client_comp_algos (string, rw:r) | |
---|---|
Default: | |
A comma separated list of compression algorithms, in the order of preference. Currently no compression algorithm is supported. |
client_hostkey_algos (string, rw:r) | |
---|---|
Default: "ssh-rsa,ssh-dss" | |
A comma separated list of hostkey algorithms permitted on the client side, in the order of preference. See Section 4.25.2.5, Configuring encryption parameters for details. |
client_kex_algos (string, rw:r) | |
---|---|
Default: "diffie-hellman-group14-sha1,diffie-hellman-group1-sha1" | |
A comma separated list of allowed key exchange algorithms permitted on the client side, in the order of preference. See Section 4.25.2.5, Configuring encryption parameters for details. |
client_mac_algos (string, rw:r) | |
---|---|
Default: "hmac-sha1,hmac-md5" | |
A comma separated list of MAC algorithms, in the order of preference. See Section 4.25.2.5, Configuring encryption parameters for details. |
client_request (complex, r:r) | |
---|---|
Default: | |
A normative policy hash defining the action to take when a specific channel request is received from the client side. See Section 4.25.2.2, Configuring policies for SSH requests for details. |
connection_start (enum, rw:r) | |
---|---|
Default: SSH_CONN_START_IMMEDIATELY | |
Specifies when is the server-side connection started. When using agent authentication, set it to SSH_CONN_START_AFTER_PROXY_AUTH .
|
host_key_x509_dss (string, rw:r) | |
---|---|
Default: | |
The DSS host key in openssl PEM format used when communicating
with SSH clients. Either host_key_rsa
or host_key_dss is required.
|
host_key_x509_dss_certificate (string, rw:r) | |
---|---|
Default: | |
The DSS host key in openssl PEM format used when communicating
with SSH clients. Either host_key_rsa
or host_key_dss is required.
|
host_key_x509_dss_files (certificate, rw:r) | |
---|---|
Default: | |
A tuple of two file names containing the certificate and key files for the DSS host key in PEM format. |
host_key_x509_rsa (string, rw:r) | |
---|---|
Default: | |
The RSA host key in openssl PEM format used when communicating
with SSH clients. Either host_key_rsa
or host_key_dss is
required.
|
host_key_x509_rsa_certificate (string, rw:r) | |
---|---|
Default: | |
The RSA host key in openssl PEM format used when communicating
with SSH clients. Either host_key_rsa
or host_key_dss is
required.
|
host_key_x509_rsa_files (certificate, rw:r) | |
---|---|
Default: | |
A tuple of two file names containing the certificate and key files for the RSA host key in PEM format. |
max_kbdint_prompt_len (integer, rw:r) | |
---|---|
Default: 128 | |
Specifies the maximum length of a prompt in the keyboard-interactive authentication method. |
max_kbdint_prompts (integer, rw:r) | |
---|---|
Default: 10 | |
Specifies the maximum number of prompts in the keyboard-interactive authentication method. |
max_kbdint_response_len (integer, rw:r) | |
---|---|
Default: 128 | |
Specifies the maximum length of a response in the keyboard-interactive authentication method. |
server_channel (complex, r:r) | |
---|---|
Default: | |
A normative policy hash defining the action to take when a specific channel type is opened on the server side. See Section 4.25.2.1, Configuring policies for SSH channels for details. |
server_comp_algos (string, rw:r) | |
---|---|
Default: | |
A comma separated list of compression algorithms permitted on the server side, in the order of preference. Currently no compression algorithm is supported. |
server_hostkey_algos (string, rw:r) | |
---|---|
Default: "ssh-rsa,ssh-dss" | |
A comma separated list of hostkey algorithms permitted on the server side, in the order of preference. See Section 4.25.2.5, Configuring encryption parameters for details. |
server_kex_algos (string, rw:r) | |
---|---|
Default: "diffie-hellman-group14-sha1,diffie-hellman-group1-sha1" | |
A comma separated list of key exchange algorithms permitted on the server side, in the order of preference. See Section 4.25.2.5, Configuring encryption parameters for details. |
server_mac_algos (string, rw:r) | |
---|---|
Default: "hmac-sha1,hmac-md5" | |
A comma separated list of MAC algorithms permitted on the server side, in the order of preference. See Section 4.25.2.5, Configuring encryption parameters for details. |
server_request (complex, r:r) | |
---|---|
Default: | |
A normative policy hash defining the action to take when a specific channel request is received from the server side. See Section 4.25.2.2, Configuring policies for SSH requests for details. |
timeout (integer, rw:r) | |
---|---|
Default: 600000 | |
I/O timeout in milliseconds. If no activity is detected within this period interval, the connection is terminated. |
Published on June 04, 2020
© 2007-2019 BalaSys
Send your comments to support@balasys.hu