2 # Example configuration file. Note that this attempts to present various
3 # configuration possibilities and may not actually give any sensible
4 # configuration. For real life example see the examples/ directory.
8 # General configuration options
11 # This is the default path where to search modules
12 # You can comment it out to use builtin modules globally.
13 module_path = "@MODULESDIR@";
15 # If both passphrase and public key authentication is set for a
16 # connection the public key authentication is the preferred one
17 # to use. Set this to `true' to prefer passphrase authentication
18 # over public key authentication in these cases.
20 # prefer_passphrase_auth = true;
26 # The "Module" option can be either absolute or relative to the "ModulePath"
28 # If commented out forces using of built-in modules.
32 module = "aes.sim.so";
38 module = "aes.sim.so";
44 module = "aes.sim.so";
49 name = "twofish-256-cbc";
50 module = "twofish.sim.so";
55 name = "twofish-192-cbc";
56 module = "twofish.sim.so";
61 name = "twofish-128-cbc";
62 module = "twofish.sim.so";
67 name = "mars-256-cbc";
68 module = "mars.sim.so";
73 name = "mars-192-cbc";
74 module = "mars.sim.so";
79 name = "mars-128-cbc";
80 module = "mars.sim.so";
86 module = "none.sim.so";
90 # Configured hash functions
104 # Configured HMAC functions. The hash function used in the HMAC must
105 # be configured in the hash section.
108 name = "hmac-sha1-96";
113 name = "hmac-md5-96";
131 PKCS { name = "rsa"; };
138 # Server FQDN and IP address
140 hostname = "lassi.kuo.fi.ssh.com";
145 # ServerType field specifies the purpose of this server
146 # This is only a descriptive field.
148 ServerType = "Test Server";
151 # Geographic location
153 Location = "Kuopio, Finland";
158 Admin = "Pekka Riikonen";
161 # Admin's email address
163 EMail = "priikone@poseidon.pspt.fi";
166 # Run SILC server as specific user and group. The server must be
167 # initially run as root.
173 # Public and private keys
175 PublicKey = "@ETCDIR@/silcd.pub";
176 PrivateKey = "@ETCDIR@/silcd.prv";
181 # Specifies the text file displayed on client connection
183 #MotdFile = "@ETCDIR@/motd.txt";
188 PidFile = "@PIDFILE@";
194 # This section is used to set various logging files, their paths, maximum
195 # sizes and logging options.
196 # There are only four defined channels allowed for defining (see below).
197 # The log channels have an importance value, and most important channels
198 # are redirected on the less important ones, thus setting a valid logging
199 # file for "infologfile" will ensure logging for all channels, while setting
200 # logging file for "errorlogfile" will ensure logging for channels "error"
205 # If QuickLogs is true, then the logging files will be updated
206 # real-time. This causes a bit more CPU and HDD activity, but
207 # reduces memory usage. (if unsure say true).
212 # (Only if QuickLogs is false)
213 # FlushDelay tells log files update delay in case you have chosen
219 File = "@LOGSDIR@/silcd.log";
223 File = "@LOGSDIR@/silcd_warnings.log";
227 File = "@LOGSDIR@/silcd_errors.log";
231 File = "@LOGSDIR@/silcd_fatals.log";
237 # Connection classes (UNSUPPORTED)
239 # This section is used to define connection classes. These can be
240 # used to optimize the server and the connections.
250 # Configured client connections.
252 # All fields except Class are optional. Omitted fields are assumed
253 # to be generic (e.g. if the "Host" field is omitted all hosts will match
254 # this client class).
257 # Host = "127.0.0.1";
267 # Configured server administrator connections
269 # The fields "Host", "User", and "Nick", are optional but you are encouraged
270 # in using them to better identify your admins.
272 # The authentication data is specified by Passphrase and/or Publickey.
273 # If both are provided then both password and public key based authentication
274 # is allowed. If the Publickey is used it includes the file path to the
275 # public key file. If none of them is provided then authentication is not
282 Passphrase = "verysecret";
283 # Publickey = "/path/to/the/public.key";
289 # These connections are denied to connect to our server.
291 # The "Reason" field is mandatory, while the "Host" and "Port" fields can be
292 # omitted to match everything.
295 # Host = "10.2.1.99";
297 # Reason = "Go away spammer";
301 # Reason = "You are not welcome.";
305 # Configured server connections.
307 # If server connections are configured it means that this server is
308 # router server. Normal servers must not configure server connections.
309 # Thus, if this server is not router do not configure this section. If
310 # your server is router, this must be configured.
312 # The authentication data is specified by Passphrase and/or Publickey.
313 # If both are provided then both password and public key based authentication
314 # is allowed. If the Publickey is used it includes the file path to the
315 # public key file. If none of them is provided then authentication is not
318 # If the connection is backup connection then set the "Backup" option
319 # to true. For normal connections set it false. If it is set to true then
320 # this server will be backup router.
324 Passphrase = "verysecret";
325 # Publickey = "/path/to/the/public.key";
332 # Configured router connections
334 # For normal servers only one entry maybe configured to this section. It
335 # must be the router this server will be connected to. For router servers,
336 # this section includes all configured router connections. The first
337 # configured connection is the primary route.
339 # The authentication data is specified by Passphrase and/or Publickey.
340 # If both are provided then both password and public key based authentication
341 # is allowed. If the Publickey is used it includes the file path to the
342 # public key file. If none of them is provided then authentication is not
345 # If you are the initiator of the connection then set the "Initiator"
346 # option to true. If you are the responder of the connection (waiting for
347 # incoming connection) then set it to false.
349 # If the connection is backup router connection then set the "BackupHost"
350 # option to the IP address of the router that the backup router will
351 # replace if it becomes unavailable. Set also the router's port to the
352 # "BackupPort" option. For normal connection leave both commented. If this
353 # backup router is in our cell then set the "LocalBackup" option to true.
354 # If the backup router is in other cell then set it to false.
359 Passphrase = "verysecret";
360 # Publickey = "/path/to/the/public.key";
364 #BackupHost = "10.2.1.6";