The OpenSSH daemon has many "default" values for its settings. So looking at the sshd_config might not give someone the complete set of active settings.
How to display the full sshd configuration (for OpenSSH)?
Asked
Active
Viewed 2.6k times
49
-
Related: [*verify sshd configuration*](https://serverfault.com/q/390488). – Alexey Feb 08 '20 at 19:45
1 Answers
74
The OpenSSH sshd command has an extended test switch which can be used to "Check the validity of the configuration file, output the effective configuration to stdout and then exit." (source sshd man page).
So the answer is (as root, or prefixing it with sudo):
sshd -T
(the settings are not in alphabetical order, one can use sshd -T | sort to quickly look for one setting, or just grep the setting) :-)
PS: my first reflex was looking for this answer online, but the search engines were not helpful. And then only looked at the man page and found the answers. For those lazy like me which turns too quickly to the internet, there is now the answer posted online! Lesson learned today: check the man page first, ask a search engine later if needed.
Huygens
- 8,985
- 3
- 31
- 36
-
3That's the best answer. But also note that older versions of ssh shipped with an sshd_config file that contained all the defaults commented out. So worst case you could always get the distribution and look at that file. – user3188445 Jul 24 '15 at 16:57
-
1If using `grep`, add the `-i` option because the mixed case used in the config. file is not preserved. The option names given by `-T` are in all lowercase. So for example, use `sshd -T | grep -i UseDNS` or write the option name in lowercase: `sshd -T | grep usedns`. – mivk Jan 09 '23 at 16:02
-
Very nice feature, thank you for the hint. For those who want to check the settings for a specific user, this can be specified by `-C`, for example: `sudo sshd -T -C user=username` – BurninLeo May 28 '23 at 10:57