Linux commands, scripts, tools and systems administration

example sshd_conf and ssh_conf files to make ssh work without timeout issues, mostly default settings

A typical ssh configuration for ssh access with provisions to prevent time out from the SERVER side are
note below... the file was stripped of comments and blank lines and only lines active are shown.   

These ssh configurations are mostly universal across all Linux and UNIX systems, and setting the server side 
in sshd (for the daemon process) and ssh_config, near the bottom for the "client", will allow two way ssh 
secure connections.  

Increasing the ssh-keygen value increases the encryption security, but slows down transactions slightly.  

Remember encryption can be deciphered, it only protects time-sensitive information and keeps the opportunistic 
thief from messing with it.  You can't hide behind this and expect total secrecy. If you can encrypt it... 
someone else can decrypt it.  It's just math, math that takes permutations and time to solve.  
	If the government wants to see what you're sending via ssh, they can.  Quit being so paranoid anyway.  :)


to capture this string from the "SERVER":

    cat /etc/ssh/sshd_config | grep -v ^# | grep -v ^$ > typical-server-sshd_config.txt


AuthorizedKeysFile	.ssh/authorized_keys
PasswordAuthentication no
UsePAM yes
X11Forwarding yes
X11UseLocalhost no
UsePrivilegeSeparation sandbox		# Default for new installations.
ClientAliveInterval 30
ClientAliveCountMax 5
Subsystem	sftp	/usr/lib/ssh/sftp-server
AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
AcceptEnv LC_IDENTIFICATION LC_ALL

CLIENT SIDE:   (client would be the workstation you are on, connecting to the "server")

	cat /etc/ssh/ssh_config | grep -v ^# | grep -v ^$ 

Host *
ForwardX11Trusted yes
    Protocol 2
ServerAliveInterval 15
ServerAliveCountMax 3
SendEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
SendEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
SendEnv LC_IDENTIFICATION LC_ALL
VisualHostKey no
HashKnownHosts yes
SEARCH and Navigation TOOL
Google     select a domain to search or visit.
(use back key to return )

johnmeister.com/jeep/sj
 JeepMeister
"Jeep is America's
only real sports car."
-Enzo Ferrari
JohnMeister.com LinuxMeister
MeisterTech FotoMeister.us
BibleTech the rest of the web
books: Linux or UNIX
selected books, bottom of page... 		Computers:

For the best synthetic lubricants, filters, and other automotive products use the free AMSOIL product guide - SELECT: year, make and model.

visit AMSOIL's site, or call 1-800-956-5695,
please use customer #283461

Buy AMSOIL at Northland Diesel in Bellingham, WA
Diesel Engines --- BioDiesel info --- Tools --- Automotive Repair Books
assorted links
Everett weather -- traffic --- News -- NASB/KJV -- Middle East
South East Asian Missions -- BibleTech -- Voice of the Martyrs

Nuts-Bolts-Wrench specs
recommended books: (these books are on my shelf, enjoyed them, know the author, contributed something to them, have taught using them, or found them to be the best available)...