SSHD: Effective Values of Keywords

By default, the sshd service uses the configuration file /etc/ssh/sshd_config. There the service can be configured in detail using keyword/value pairs. There are around 80 such keywords (depending on the SSH version). If a keyword is not listed in the configuration file, then a default value applies. However, this can depend on the version of SSH used. Then it is not always clear what value a certain keyword has. But that can be found out very easily with the help of sshd itself! There is an “extended test mode” for this, which can be started with the “-T” option. Sshd then checks the validity of the current configuration, prints the effective configuration, and then exits:

# sshd -T
port 22
addressfamily inet
listenaddress 0.0.0.0:22
usepam yes
logingracetime 120
x11displayoffset 10
x11maxdisplays 1000
maxauthtries 6
maxsessions 1024
clientaliveinterval 60
clientalivecountmax 3
streamlocalbindmask 0177
permitrootlogin forced-commands-only
…
#

Root privileges are required.

This makes it very easy to determine the effective value of any keyword.

%d bloggers like this: