Table 2. Setting Parameters in sshd_config

Parameter      Possible Values         Description
Port           number        (Default=22) TCP port the dæmon
                                 should listen on. Being able to change
                                 this is handy when using Port Address
                                 Translation to allow several hosts to
                                 hide behind the same IP address
PermitRootLogin   yes no        Whether to accept root logins.
                                 This is best set to "No";
                  administrators
                                 should connect the server with
                                 unprivileged accounts, and
                                 then "su" to root
PasswordAuthentication  yes no        (Default=yes)Whether
                                 to allow (encrypted) username/password
                                 authentication or to insist on DSA- or
                                 RSA-key-based authentication
PermitEmptyPasswords    yes no        (Default=no)Whether to
                                 allow accounts to log in whose system
                                 password is empty. Does not apply if
                                 PasswordAuthentication=no; also, does not
                                 apply to passphrase of DSA or RSA keys
                                 (i.e., null passwords on keys is O.K.)
X11Forwarding     yes no        (Default=no)Whether to allow clients to
                  run X-Windows applications over the ssh tunnel.
                                 There really is nothing to be gained by
                                 setting this to "no" here, since
                                 sshd_config can't similarly disable
                                 generic TCP forwaring (which can be used
                                 to forward X11).