# NetYCE 2018

Protocol 2

SyslogFacility AUTHPRIV

PasswordAuthentication yes
PermitRootLogin no

ChallengeResponseAuthentication no

GSSAPIAuthentication yes
GSSAPICleanupCredentials yes

UsePAM yes

AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE
AcceptEnv XMODIFIERS

X11Forwarding yes

# no reverse lookups
UseDNS no

# use default subsystem, not the internal-sftp
# Subsystem       sftp    internal-sftp
Subsystem         sftp    /usr/libexec/openssh/sftp-server

# 'ycicle' user will be chroot-ed using MySecureShell and cpsh
# do not use the chroot or forcecommand options.
Match User ycicle
     AllowTCPForwarding no
     X11Forwarding no
#    ChrootDirectory /var/opt/shared
#    ForceCommand internal-sftp
#    ForceCommand /opt/yce/bin/cpsh.pl

