All global settings are defined in wSSH.ini
User defined settings will overrule the global settings.
Default it will use the following settings (in wSSH.ini) :
- Bind IP to 0.0.0.0 (all adapters)
- Deny all host connections, except from localhost (127.0.0.1)
- Deny all ssh logins, except user test (defined in the config directory)
- Deny all sftp,scp and portforward requests
- User test (password test) is granted access
| [Service] |
|---|
| Name | the service name which is used, defaults to wSSH |
| Description | some description |
| |
| [Server] |
|---|
| ConfigDir | Directory where user and host settings are kept, also the private key of the server is there generated. |
| Saltkey | optional encryption key to use for private keys or user password instead of the default. |
| BindIP | To which adapter to bind the server, 0.0.0.0 = all adapters |
| Port | Port to use, default 22 |
| Timeout | Optional session timeout |
| ShellCmd | default SSH shell command, default C:\WINDOWS\System32\cmd.exe |
| AllowHost | (0 or 1) if hostconnections are allowed, if 0 no host connection is allowed unless in the configdir there is a file .allow
If 1 all host are allowed, unless there is a file host_<ipno>.deny |
| AllowPassword | Allow password logins, if 0 password logins are denied and only public keys are accepted. |
| AllowedUsersOnly | (0 or 1) If password logins are allowed, allow only users which are defined (a user_<user>.ini file in the config directory) |
| NTAuthentication | 0 or 1 Use NT authentication for password check
If used, the shell is started with the user credentials |
| UserDomain | Use this domain with the NTauthentication check |
| |
| [Logging] |
|---|
| Log | Each letter defined the kind of messages which are logged:
E=Errors W=warnings A=Login access F=login failures I=information D=debug messages |
| LogEvent | (0 or 1) log to application event log |
| LogFile | (0 or 1) log to logfile, if 1 and no logfile specified, it goes to stdout |
| LogFileName | file for logmessages |
| |
| [SSH] |
|---|
| AllowShell | (0 or 1) allow shell access |
| AllowExec | (0 or 1) allow user to execute commands |
| AllowPublicKey | (0 or 1) allow public key authentication |
| |
| [SFTP] |
|---|
| AllowSFTP | (0 or 1) allow sftp connections |
| AllowSCP | (0 or 1) allow scp connections |
| SFTPDir | rootdir for sftp/scp connections, user cannot go to parent directory |
| SFTPupload | (0 or 1) allow file uploads |
| SFTPdownload | (0 or 1) allow file downloads |
| SFTPdeletefile | (0 or 1) allow file deletes |
| SFTPrenamefile | (0 or 1) allow file renames |
| SFTPlistdir | (0 or 1) allow directory listings |
| SFTPmakedir | (0 or 1) allow creation of directories |
| SFTPdeletedir | (0 or 1) allow directory deletion |
| |
| [Tunnel] |
|---|
| AllowTunnel | (0 or 1) Allow tunneling |
| LocalPort=0 | (0 or 1) Allow local port forwarding |
| RemotePort=0 | (0 or 1) Allow remote port forwarding |
