- jmc@cvs.openbsd.org 2006/01/25 09:04:34

[sshd.8] move the options description up the page, and a few additional tweaks whilst in here; ok markus
author: Damien Miller <djm@mindrot.org> 2006-01-31 21:45:53 +1100
committer: Damien Miller <djm@mindrot.org> 2006-01-31 21:45:53 +1100
commit: 99cc4a8f1e4e1ab45e41600518aa888e24b4df64 (patch)
tree: 2d0761cf2f541f752d6be1186812221eb0b1188f
parent: ddfddf1ba3f767c27b8a57d0d70648ce925609a4 (diff)
2 files changed, 121 insertions, 117 deletions
diff --git a/ChangeLog b/ChangeLog
index ada3d3ae8..5ec6e615d 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -4,6 +4,11 @@
     [ssh_config.5]
     - word change, agreed w/ markus
     - consistency fixes
+   - jmc@cvs.openbsd.org 2006/01/25 09:04:34
+     [sshd.8]
+     move the options description up the page, and a few additional tweaks
+     whilst in here;
+     ok markus
 20060129
 - (dtucker) [configure.ac opensshd.init.in] Bug #1144: Use /bin/sh for the
@@ -3729,4 +3734,4 @@
   - (djm) Trim deprecated options from INSTALL. Mention UsePAM
   - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
-$Id: ChangeLog,v 1.4095 2006/01/31 10:39:03 djm Exp $
+$Id: ChangeLog,v 1.4096 2006/01/31 10:45:53 djm Exp $
diff --git a/sshd.8 b/sshd.8
index 241aefd43..3ca929d50 100644
--- a/sshd.8
+++ b/sshd.8
@@ -34,7 +34,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: sshd.8,v 1.211 2006/01/12 22:20:00 jmc Exp $
+.\" $OpenBSD: sshd.8,v 1.212 2006/01/25 09:04:34 jmc Exp $
 .Dd September 25, 1999
 .Dt SSHD 8
 .Os
@@ -56,16 +56,14 @@
 .Ek
 .Sh DESCRIPTION
 .Nm
-(SSH Daemon) is the daemon program for
+(OpenSSH Daemon) is the daemon program for
 .Xr ssh 1 .
 Together these programs replace rlogin and rsh, and
 provide secure encrypted communications between two untrusted hosts
 over an insecure network.
-The programs are intended to be as easy to
-install and use as possible.
 .Pp
 .Nm
-is the daemon that listens for connections from clients.
+listens for connections from clients.
 It is normally started at boot from
 .Pa /etc/rc .
 It forks a new
@@ -73,122 +71,13 @@ daemon for each incoming connection.
 The forked daemons handle
 key exchange, encryption, authentication, command execution,
 and data exchange.
-This implementation of
-.Nm
-supports both SSH protocol version 1 and 2 simultaneously.
-.Nm
-works as follows:
-.Ss SSH protocol version 1
-Each host has a host-specific RSA key
-(normally 2048 bits) used to identify the host.
-Additionally, when
-the daemon starts, it generates a server RSA key (normally 768 bits).
-This key is normally regenerated every hour if it has been used, and
-is never stored on disk.
-.Pp
-Whenever a client connects, the daemon responds with its public
-host and server keys.
-The client compares the
-RSA host key against its own database to verify that it has not changed.
-The client then generates a 256-bit random number.
-It encrypts this
-random number using both the host key and the server key, and sends
-the encrypted number to the server.
-Both sides then use this
-random number as a session key which is used to encrypt all further
-communications in the session.
-The rest of the session is encrypted
-using a conventional cipher, currently Blowfish or 3DES, with 3DES
-being used by default.
-The client selects the encryption algorithm
-to use from those offered by the server.
-.Pp
-Next, the server and the client enter an authentication dialog.
-The client tries to authenticate itself using
-.Em .rhosts
-authentication combined with RSA host
-authentication, RSA challenge-response authentication, or password
-based authentication.
-.Pp
-Regardless of the authentication type, the account is checked to
-ensure that it is accessible.  An account is not accessible if it is
-locked, listed in
-.Cm DenyUsers
-or its group is listed in
-.Cm DenyGroups
-\&.  The definition of a locked account is system dependant. Some platforms
-have their own account database (eg AIX) and some modify the passwd field (
-.Ql \&*LK\&*
-on Solaris and UnixWare,
-.Ql \&*
-on HP-UX, containing
-.Ql Nologin
-on Tru64,
-a leading
-.Ql \&*LOCKED\&*
-on FreeBSD and a leading
-.Ql \&!!
-on Linux).  If there is a requirement to disable password authentication
-for the account while allowing still public-key, then the passwd field
-should be set to something other than these values (eg
-.Ql NP
-or
-.Ql \&*NP\&*
-).
-.Pp
-.Nm rshd ,
-.Nm rlogind ,
-and
-.Nm rexecd
-are disabled (thus completely disabling
-.Xr rlogin
-and
-.Xr rsh
-into the machine).
-.Ss SSH protocol version 2
-Version 2 works similarly:
-Each host has a host-specific key (RSA or DSA) used to identify the host.
-However, when the daemon starts, it does not generate a server key.
-Forward security is provided through a Diffie-Hellman key agreement.
-This key agreement results in a shared session key.
-.Pp
-The rest of the session is encrypted using a symmetric cipher, currently
-128-bit AES, Blowfish, 3DES, CAST128, Arcfour, 192-bit AES, or 256-bit AES.
-The client selects the encryption algorithm
-to use from those offered by the server.
-Additionally, session integrity is provided
-through a cryptographic message authentication code
-(hmac-sha1 or hmac-md5).
-.Pp
-Protocol version 2 provides a public key based
-user (PubkeyAuthentication) or
-client host (HostbasedAuthentication) authentication method,
-conventional password authentication and challenge response based methods.
-.Ss Command execution and data forwarding
-If the client successfully authenticates itself, a dialog for
-preparing the session is entered.
-At this time the client may request
-things like allocating a pseudo-tty, forwarding X11 connections,
-forwarding TCP connections, or forwarding the authentication agent
-connection over the secure channel.
-.Pp
-Finally, the client either requests a shell or execution of a command.
-The sides then enter session mode.
-In this mode, either side may send
-data at any time, and such data is forwarded to/from the shell or
-command on the server side, and the user terminal in the client side.
-.Pp
-When the user program terminates and all forwarded X11 and other
-connections have been closed, the server sends command exit status to
-the client, and both sides exit.
 .Pp
 .Nm
 can be configured using command-line options or a configuration file
 (by default
-.Xr sshd_config 5 ) .
+.Xr sshd_config 5 ) ;
-Command-line options override values specified in the
+command-line options override values specified in the
 configuration file.
-.Pp
 .Nm
 rereads its configuration file when it receives a hangup signal,
 .Dv SIGHUP ,
@@ -338,6 +227,116 @@ USER@HOST pattern in
 or
 .Cm DenyUsers .
 .El
+.Pp
+This implementation of
+.Nm
+supports both SSH protocol version 1 and 2 simultaneously.
+.Nm
+works as follows:
+.Ss SSH protocol version 1
+Each host has a host-specific RSA key
+(normally 2048 bits) used to identify the host.
+Additionally, when
+the daemon starts, it generates a server RSA key (normally 768 bits).
+This key is normally regenerated every hour if it has been used, and
+is never stored on disk.
+.Pp
+Whenever a client connects, the daemon responds with its public
+host and server keys.
+The client compares the
+RSA host key against its own database to verify that it has not changed.
+The client then generates a 256-bit random number.
+It encrypts this
+random number using both the host key and the server key, and sends
+the encrypted number to the server.
+Both sides then use this
+random number as a session key which is used to encrypt all further
+communications in the session.
+The rest of the session is encrypted
+using a conventional cipher, currently Blowfish or 3DES, with 3DES
+being used by default.
+The client selects the encryption algorithm
+to use from those offered by the server.
+.Pp
+Next, the server and the client enter an authentication dialog.
+The client tries to authenticate itself using
+.Em rhosts
+authentication combined with RSA host
+authentication, RSA challenge-response authentication, or password
+based authentication.
+.Pp
+Regardless of the authentication type, the account is checked to
+ensure that it is accessible.  An account is not accessible if it is
+locked, listed in
+.Cm DenyUsers
+or its group is listed in
+.Cm DenyGroups
+\&.  The definition of a locked account is system dependant. Some platforms
+have their own account database (eg AIX) and some modify the passwd field (
+.Ql \&*LK\&*
+on Solaris and UnixWare,
+.Ql \&*
+on HP-UX, containing
+.Ql Nologin
+on Tru64,
+a leading
+.Ql \&*LOCKED\&*
+on FreeBSD and a leading
+.Ql \&!!
+on Linux).  If there is a requirement to disable password authentication
+for the account while allowing still public-key, then the passwd field
+should be set to something other than these values (eg
+.Ql NP
+or
+.Ql \&*NP\&*
+).
+.Pp
+System security is not improved unless
+.Nm rshd ,
+.Nm rlogind ,
+and
+.Nm rexecd
+are disabled (thus completely disabling
+.Xr rlogin
+and
+.Xr rsh
+into the machine).
+.Ss SSH protocol version 2
+Version 2 works similarly:
+Each host has a host-specific key (RSA or DSA) used to identify the host.
+However, when the daemon starts, it does not generate a server key.
+Forward security is provided through a Diffie-Hellman key agreement.
+This key agreement results in a shared session key.
+.Pp
+The rest of the session is encrypted using a symmetric cipher, currently
+128-bit AES, Blowfish, 3DES, CAST128, Arcfour, 192-bit AES, or 256-bit AES.
+The client selects the encryption algorithm
+to use from those offered by the server.
+Additionally, session integrity is provided
+through a cryptographic message authentication code
+(hmac-sha1 or hmac-md5).
+.Pp
+Protocol version 2 provides a public key based
+user (PubkeyAuthentication) or
+client host (HostbasedAuthentication) authentication method,
+conventional password authentication and challenge response based methods.
+.Ss Command execution and data forwarding
+If the client successfully authenticates itself, a dialog for
+preparing the session is entered.
+At this time the client may request
+things like allocating a pseudo-tty, forwarding X11 connections,
+forwarding TCP connections, or forwarding the authentication agent
+connection over the secure channel.
+.Pp
+Finally, the client either requests a shell or execution of a command.
+The sides then enter session mode.
+In this mode, either side may send
+data at any time, and such data is forwarded to/from the shell or
+command on the server side, and the user terminal in the client side.
+.Pp
+When the user program terminates and all forwarded X11 and other
+connections have been closed, the server sends command exit status to
+the client, and both sides exit.
 .Sh CONFIGURATION FILE
 .Nm
 reads configuration data from
author	Damien Miller <djm@mindrot.org>	2006-01-31 21:45:53 +1100
committer	Damien Miller <djm@mindrot.org>	2006-01-31 21:45:53 +1100
commit	99cc4a8f1e4e1ab45e41600518aa888e24b4df64 (patch)
tree	2d0761cf2f541f752d6be1186812221eb0b1188f
parent	ddfddf1ba3f767c27b8a57d0d70648ce925609a4 (diff)

diff --git a/ChangeLog b/ChangeLog index ada3d3ae8..5ec6e615d 100644 --- a/ChangeLog +++ b/ChangeLog
@@ -4,6 +4,11 @@
4	[ssh_config.5]	4	[ssh_config.5]
5	- word change, agreed w/ markus	5	- word change, agreed w/ markus
6	- consistency fixes	6	- consistency fixes
		7	- jmc@cvs.openbsd.org 2006/01/25 09:04:34
		8	[sshd.8]
		9	move the options description up the page, and a few additional tweaks
		10	whilst in here;
		11	ok markus
7		12
8	20060129	13	20060129
9	- (dtucker) [configure.ac opensshd.init.in] Bug #1144: Use /bin/sh for the	14	- (dtucker) [configure.ac opensshd.init.in] Bug #1144: Use /bin/sh for the
@@ -3729,4 +3734,4 @@
3729	- (djm) Trim deprecated options from INSTALL. Mention UsePAM	3734	- (djm) Trim deprecated options from INSTALL. Mention UsePAM
3730	- (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu	3735	- (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
3731		3736
3732	$Id: ChangeLog,v 1.4095 2006/01/31 10:39:03 djm Exp $	3737	$Id: ChangeLog,v 1.4096 2006/01/31 10:45:53 djm Exp $


diff --git a/sshd.8 b/sshd.8 index 241aefd43..3ca929d50 100644 --- a/sshd.8 +++ b/sshd.8
@@ -34,7 +34,7 @@
34	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF	34	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.	35	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36	.\"	36	.\"
37	.\" $OpenBSD: sshd.8,v 1.211 2006/01/12 22:20:00 jmc Exp $	37	.\" $OpenBSD: sshd.8,v 1.212 2006/01/25 09:04:34 jmc Exp $
38	.Dd September 25, 1999	38	.Dd September 25, 1999
39	.Dt SSHD 8	39	.Dt SSHD 8
40	.Os	40	.Os
@@ -56,16 +56,14 @@
56	.Ek	56	.Ek
57	.Sh DESCRIPTION	57	.Sh DESCRIPTION
58	.Nm	58	.Nm
59	(SSH Daemon) is the daemon program for	59	(OpenSSH Daemon) is the daemon program for
60	.Xr ssh 1 .	60	.Xr ssh 1 .
61	Together these programs replace rlogin and rsh, and	61	Together these programs replace rlogin and rsh, and
62	provide secure encrypted communications between two untrusted hosts	62	provide secure encrypted communications between two untrusted hosts
63	over an insecure network.	63	over an insecure network.
64	The programs are intended to be as easy to
65	install and use as possible.
66	.Pp	64	.Pp
67	.Nm	65	.Nm
68	is the daemon that listens for connections from clients.	66	listens for connections from clients.
69	It is normally started at boot from	67	It is normally started at boot from
70	.Pa /etc/rc .	68	.Pa /etc/rc .
71	It forks a new	69	It forks a new
@@ -73,122 +71,13 @@ daemon for each incoming connection.
73	The forked daemons handle	71	The forked daemons handle
74	key exchange, encryption, authentication, command execution,	72	key exchange, encryption, authentication, command execution,
75	and data exchange.	73	and data exchange.
76	This implementation of
77	.Nm
78	supports both SSH protocol version 1 and 2 simultaneously.
79	.Nm
80	works as follows:
81	.Ss SSH protocol version 1
82	Each host has a host-specific RSA key
83	(normally 2048 bits) used to identify the host.
84	Additionally, when
85	the daemon starts, it generates a server RSA key (normally 768 bits).
86	This key is normally regenerated every hour if it has been used, and
87	is never stored on disk.
88	.Pp
89	Whenever a client connects, the daemon responds with its public
90	host and server keys.
91	The client compares the
92	RSA host key against its own database to verify that it has not changed.
93	The client then generates a 256-bit random number.
94	It encrypts this
95	random number using both the host key and the server key, and sends
96	the encrypted number to the server.
97	Both sides then use this
98	random number as a session key which is used to encrypt all further
99	communications in the session.
100	The rest of the session is encrypted
101	using a conventional cipher, currently Blowfish or 3DES, with 3DES
102	being used by default.
103	The client selects the encryption algorithm
104	to use from those offered by the server.
105	.Pp
106	Next, the server and the client enter an authentication dialog.
107	The client tries to authenticate itself using
108	.Em .rhosts
109	authentication combined with RSA host
110	authentication, RSA challenge-response authentication, or password
111	based authentication.
112	.Pp
113	Regardless of the authentication type, the account is checked to
114	ensure that it is accessible. An account is not accessible if it is
115	locked, listed in
116	.Cm DenyUsers
117	or its group is listed in
118	.Cm DenyGroups
119	\&. The definition of a locked account is system dependant. Some platforms
120	have their own account database (eg AIX) and some modify the passwd field (
121	.Ql \&LK\&
122	on Solaris and UnixWare,
123	.Ql \&*
124	on HP-UX, containing
125	.Ql Nologin
126	on Tru64,
127	a leading
128	.Ql \&LOCKED\&
129	on FreeBSD and a leading
130	.Ql \&!!
131	on Linux). If there is a requirement to disable password authentication
132	for the account while allowing still public-key, then the passwd field
133	should be set to something other than these values (eg
134	.Ql NP
135	or
136	.Ql \&NP\&
137	).
138	.Pp
139	.Nm rshd ,
140	.Nm rlogind ,
141	and
142	.Nm rexecd
143	are disabled (thus completely disabling
144	.Xr rlogin
145	and
146	.Xr rsh
147	into the machine).
148	.Ss SSH protocol version 2
149	Version 2 works similarly:
150	Each host has a host-specific key (RSA or DSA) used to identify the host.
151	However, when the daemon starts, it does not generate a server key.
152	Forward security is provided through a Diffie-Hellman key agreement.
153	This key agreement results in a shared session key.
154	.Pp
155	The rest of the session is encrypted using a symmetric cipher, currently
156	128-bit AES, Blowfish, 3DES, CAST128, Arcfour, 192-bit AES, or 256-bit AES.
157	The client selects the encryption algorithm
158	to use from those offered by the server.
159	Additionally, session integrity is provided
160	through a cryptographic message authentication code
161	(hmac-sha1 or hmac-md5).
162	.Pp
163	Protocol version 2 provides a public key based
164	user (PubkeyAuthentication) or
165	client host (HostbasedAuthentication) authentication method,
166	conventional password authentication and challenge response based methods.
167	.Ss Command execution and data forwarding
168	If the client successfully authenticates itself, a dialog for
169	preparing the session is entered.
170	At this time the client may request
171	things like allocating a pseudo-tty, forwarding X11 connections,
172	forwarding TCP connections, or forwarding the authentication agent
173	connection over the secure channel.
174	.Pp
175	Finally, the client either requests a shell or execution of a command.
176	The sides then enter session mode.
177	In this mode, either side may send
178	data at any time, and such data is forwarded to/from the shell or
179	command on the server side, and the user terminal in the client side.
180	.Pp
181	When the user program terminates and all forwarded X11 and other
182	connections have been closed, the server sends command exit status to
183	the client, and both sides exit.
184	.Pp	74	.Pp
185	.Nm	75	.Nm
186	can be configured using command-line options or a configuration file	76	can be configured using command-line options or a configuration file
187	(by default	77	(by default
188	.Xr sshd_config 5 ) .	78	.Xr sshd_config 5 ) ;
189	Command-line options override values specified in the	79	command-line options override values specified in the
190	configuration file.	80	configuration file.
191	.Pp
192	.Nm	81	.Nm
193	rereads its configuration file when it receives a hangup signal,	82	rereads its configuration file when it receives a hangup signal,
194	.Dv SIGHUP ,	83	.Dv SIGHUP ,
@@ -338,6 +227,116 @@ USER@HOST pattern in
338	or	227	or
339	.Cm DenyUsers .	228	.Cm DenyUsers .
340	.El	229	.El
		230	.Pp
		231	This implementation of
		232	.Nm
		233	supports both SSH protocol version 1 and 2 simultaneously.
		234	.Nm
		235	works as follows:
		236	.Ss SSH protocol version 1
		237	Each host has a host-specific RSA key
		238	(normally 2048 bits) used to identify the host.
		239	Additionally, when
		240	the daemon starts, it generates a server RSA key (normally 768 bits).
		241	This key is normally regenerated every hour if it has been used, and
		242	is never stored on disk.
		243	.Pp
		244	Whenever a client connects, the daemon responds with its public
		245	host and server keys.
		246	The client compares the
		247	RSA host key against its own database to verify that it has not changed.
		248	The client then generates a 256-bit random number.
		249	It encrypts this
		250	random number using both the host key and the server key, and sends
		251	the encrypted number to the server.
		252	Both sides then use this
		253	random number as a session key which is used to encrypt all further
		254	communications in the session.
		255	The rest of the session is encrypted
		256	using a conventional cipher, currently Blowfish or 3DES, with 3DES
		257	being used by default.
		258	The client selects the encryption algorithm
		259	to use from those offered by the server.
		260	.Pp
		261	Next, the server and the client enter an authentication dialog.
		262	The client tries to authenticate itself using
		263	.Em rhosts
		264	authentication combined with RSA host
		265	authentication, RSA challenge-response authentication, or password
		266	based authentication.
		267	.Pp
		268	Regardless of the authentication type, the account is checked to
		269	ensure that it is accessible. An account is not accessible if it is
		270	locked, listed in
		271	.Cm DenyUsers
		272	or its group is listed in
		273	.Cm DenyGroups
		274	\&. The definition of a locked account is system dependant. Some platforms
		275	have their own account database (eg AIX) and some modify the passwd field (
		276	.Ql \&LK\&
		277	on Solaris and UnixWare,
		278	.Ql \&*
		279	on HP-UX, containing
		280	.Ql Nologin
		281	on Tru64,
		282	a leading
		283	.Ql \&LOCKED\&
		284	on FreeBSD and a leading
		285	.Ql \&!!
		286	on Linux). If there is a requirement to disable password authentication
		287	for the account while allowing still public-key, then the passwd field
		288	should be set to something other than these values (eg
		289	.Ql NP
		290	or
		291	.Ql \&NP\&
		292	).
		293	.Pp
		294	System security is not improved unless
		295	.Nm rshd ,
		296	.Nm rlogind ,
		297	and
		298	.Nm rexecd
		299	are disabled (thus completely disabling
		300	.Xr rlogin
		301	and
		302	.Xr rsh
		303	into the machine).
		304	.Ss SSH protocol version 2
		305	Version 2 works similarly:
		306	Each host has a host-specific key (RSA or DSA) used to identify the host.
		307	However, when the daemon starts, it does not generate a server key.
		308	Forward security is provided through a Diffie-Hellman key agreement.
		309	This key agreement results in a shared session key.
		310	.Pp
		311	The rest of the session is encrypted using a symmetric cipher, currently
		312	128-bit AES, Blowfish, 3DES, CAST128, Arcfour, 192-bit AES, or 256-bit AES.
		313	The client selects the encryption algorithm
		314	to use from those offered by the server.
		315	Additionally, session integrity is provided
		316	through a cryptographic message authentication code
		317	(hmac-sha1 or hmac-md5).
		318	.Pp
		319	Protocol version 2 provides a public key based
		320	user (PubkeyAuthentication) or
		321	client host (HostbasedAuthentication) authentication method,
		322	conventional password authentication and challenge response based methods.
		323	.Ss Command execution and data forwarding
		324	If the client successfully authenticates itself, a dialog for
		325	preparing the session is entered.
		326	At this time the client may request
		327	things like allocating a pseudo-tty, forwarding X11 connections,
		328	forwarding TCP connections, or forwarding the authentication agent
		329	connection over the secure channel.
		330	.Pp
		331	Finally, the client either requests a shell or execution of a command.
		332	The sides then enter session mode.
		333	In this mode, either side may send
		334	data at any time, and such data is forwarded to/from the shell or
		335	command on the server side, and the user terminal in the client side.
		336	.Pp
		337	When the user program terminates and all forwarded X11 and other
		338	connections have been closed, the server sends command exit status to
		339	the client, and both sides exit.
341	.Sh CONFIGURATION FILE	340	.Sh CONFIGURATION FILE
342	.Nm	341	.Nm
343	reads configuration data from	342	reads configuration data from