Start ssh 'yes' or 'no'

Default: START_SSH='yes' Start method for sshd.
'st' start sshd as standalone server.
'xi' start sshd via xinetd. 'xi' requires START_XINETD='yes'.
Default: SSHD_START_METHOD='st' The ssh port to use, see also FIREWALL_DENY_PORT_x

Default: SSH_PORT='22' Use ssh1 protocol

Default: SSH_USE_SSH1='no' Use ssh2 protocol

Default: SSH_USE_SSH2='yes' Server keybits

Default: SSH_SVR_KEYBITS='1536' Number of addresses sshd should listen to
0 - listen on all local addresses

Default: SSH_LISTEN_ADDR_N='0' First IP address, sshd should listen to use n'th ethernet card configured in /etc/config.d/base. E.g. SSH_LISTEN_ADDR_1='2' points to IP_NET_2_IPADDR in /etc/config.d/base. Number of user name patterns. Login is allowed only for user names that match one of the pattern. '*' and '?' can be used as wildcards in the patterns.
0 - login is allowed for all users.

Default: SSH_ALLOW_USER_N='0' First user name pattern.
Number of user name patterns. Login is disallowed only for user names that match one of the pattern. '*' and '?' can be used as wildcards in the patterns.
0 - login is allowed for all users.

Default: SSH_DENY_USER_N='0' First user name pattern.
Number of group name patterns. Login is allowed only for users whose primary group or supplementary group matches one of the pattern. '*' and '?' can be used as wildcards in the patterns.
0 - login is allowed for all groups
Default: SSH_ALLOW_GROUP_N='0' First group name pattern.
Number of group name patterns. Login is disallowed only for users whose primary group or supplementary group matches one of the pattern. '*' and '?' can be used as wildcards in the patterns.
0 - login is allowed for all groups

Default: SSH_DENY_GROUP_N='0' First group name pattern.
Secifies whether root can login using ssh.
'yes' - User root can login
'no' - User root can't login
'without-password' - User root can only login with configured public ssh key. Password authentication for user root is disabled. Note that other authentications (e.g. keyboard-interactive/ PAM) may still allow root to login using a password.
'forced-commands-only' - User root login with public key authentication will be allowed, but only if the command option has been specified.

Default: SSH_PERMITROOTLOGIN='yes' Number of public keys or keyfiles to add to /root/.ssh/authorized_keys

Default: SSH_PUBLIC_KEY_N='0' Public key like 'id_rsa.pub' generated by ssh-keygen.

Option 1: If the first character is a slash (/) the value is interpreted as an absolut pathname of a file. The content of this file is added to the file '/root/.ssh/authorized_keys'. E. g.: SSH_PUBLIC_KEY_1=/root/.ssh/id_rsa.pub

Option 2: You can write the whole content of such an public key file directly into this field. Probably it would be easier to c&p the public key to prevent typos. Note to use the whole content which includes the key type on the beginning and <user>@<host> on the end. E. g.: SSH_PUBLIC_KEY_2=ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAA... root@eis
Maximum number of concurrent unauthenticated connections.

Default: SSH_MAX_STARTUPS='10' Enable privilege separation: 'yes' or 'no'

Default: SSH_ENABLE_PRIV_SEPARATION='no' Allow compression: 'yes' or 'no'

Default: SSH_COMPRESSION='yes' Use Strictmodes: 'yes' or 'no'

Default: SSH_STRICTMODES='yes' Allow password authentication 'yes' or 'no'. If password authentication is not allowed you have to use key authentication. Check that key authentication works fine before you set SSH_PASSWDAUTH to 'no'!

Default: SSH_PASSWDAUTH='yes' Enable Pluggable Authentication Module interface (PAM) 'yes' or 'no'.

Default: SSH_USEPAM='no' Allow challenge response authentication 'yes' or 'no'.

Default: SSH_CH_RESPONSEAUTH='yes' Timeout interval in seconds for client alive message.
0 - no message

Default: SSH_CLIENTALIVEINTERVAL='0' Number of client alive messages until disconnection.

Default: SSH_CLIENTALIVECOUNTMAX='3' Activate sftp: 'yes' or 'no'

Default: SSH_ENABLE_SFTP='yes' Verbosity level that is used when logging messages from sshd. Values 'QUIET', 'FATAL', 'ERROR', 'INFO', 'VERBOSE', 'DEBUG', 'DEBUG1', 'DEBUG2' or 'DEBUG3' are allowed.
Logging with a DEBUG level violates the privacy of users and is not recommended!

Default: SSH_LOGLEVEL='INFO'