diff options
author | Damien Miller <djm@mindrot.org> | 2000-05-07 12:03:14 +1000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2000-05-07 12:03:14 +1000 |
commit | e247cc402bc391650f014316363dbce78ad85dc7 (patch) | |
tree | 65d72c3d3514c6119f47017f14b71ed153485a5d /ssh.1 | |
parent | 0437b33e54fd72060d17908d6abf96bfabaacad2 (diff) |
- Remove references to SSLeay.
- Big OpenBSD CVS update
- markus@cvs.openbsd.org
[clientloop.c]
- typo
[session.c]
- update proctitle on pty alloc/dealloc, e.g. w/ windows client
[session.c]
- update proctitle for proto 1, too
[channels.h nchan.c serverloop.c session.c sshd.c]
- use c-style comments
- deraadt@cvs.openbsd.org
[scp.c]
- more atomicio
- markus@cvs.openbsd.org
[channels.c]
- set O_NONBLOCK
[ssh.1]
- update AUTHOR
[readconf.c ssh-keygen.c ssh.h]
- default DSA key file ~/.ssh/id_dsa
[clientloop.c]
- typo, rm verbose debug
- deraadt@cvs.openbsd.org
[ssh-keygen.1]
- document DSA use of ssh-keygen
[sshd.8]
- a start at describing what i understand of the DSA side
[ssh-keygen.1]
- document -X and -x
[ssh-keygen.c]
- simplify usage
- markus@cvs.openbsd.org
[sshd.8]
- there is no rhosts_dsa
[ssh-keygen.1]
- document -y, update -X,-x
[nchan.c]
- fix close for non-open ssh1 channels
[servconf.c servconf.h ssh.h sshd.8 sshd.c ]
- s/DsaKey/HostDSAKey/, document option
[sshconnect2.c]
- respect number_of_password_prompts
[channels.c channels.h servconf.c servconf.h session.c sshd.8]
- GatewayPorts for sshd, ok deraadt@
[ssh-add.1 ssh-agent.1 ssh.1]
- more doc on: DSA, id_dsa, known_hosts2, authorized_keys2
[ssh.1]
- more info on proto 2
[sshd.8]
- sync AUTHOR w/ ssh.1
[key.c key.h sshconnect.c]
- print key type when talking about host keys
[packet.c]
- clear padding in ssh2
[dsa.c key.c radix.c ssh.h sshconnect1.c uuencode.c uuencode.h]
- replace broken uuencode w/ libc b64_ntop
[auth2.c]
- log failure before sending the reply
[key.c radix.c uuencode.c]
- remote trailing comments before calling __b64_pton
[auth2.c readconf.c readconf.h servconf.c servconf.h ssh.1]
[sshconnect2.c sshd.8]
- add DSAAuthetication option to ssh/sshd, document SSH2 in sshd.8
- Bring in b64_ntop and b64_pton from OpenBSD libc (bsd-base64.[ch])
Diffstat (limited to 'ssh.1')
-rw-r--r-- | ssh.1 | 160 |
1 files changed, 126 insertions, 34 deletions
@@ -9,7 +9,7 @@ | |||
9 | .\" | 9 | .\" |
10 | .\" Created: Sat Apr 22 21:55:14 1995 ylo | 10 | .\" Created: Sat Apr 22 21:55:14 1995 ylo |
11 | .\" | 11 | .\" |
12 | .\" $Id: ssh.1,v 1.23 2000/04/20 13:27:27 damien Exp $ | 12 | .\" $Id: ssh.1,v 1.24 2000/05/07 02:03:19 damien Exp $ |
13 | .\" | 13 | .\" |
14 | .Dd September 25, 1999 | 14 | .Dd September 25, 1999 |
15 | .Dt SSH 1 | 15 | .Dt SSH 1 |
@@ -63,7 +63,10 @@ arbitrary TCP/IP ports can also be forwarded over the secure channel. | |||
63 | connects and logs into the specified | 63 | connects and logs into the specified |
64 | .Ar hostname . | 64 | .Ar hostname . |
65 | The user must prove | 65 | The user must prove |
66 | his/her identity to the remote machine using one of several methods. | 66 | his/her identity to the remote machine using one of several methods |
67 | depending on the protocol version used: | ||
68 | .Pp | ||
69 | .Ss SSH protocol version 1 | ||
67 | .Pp | 70 | .Pp |
68 | First, if the machine the user logs in from is listed in | 71 | First, if the machine the user logs in from is listed in |
69 | .Pa /etc/hosts.equiv | 72 | .Pa /etc/hosts.equiv |
@@ -88,8 +91,8 @@ or | |||
88 | .Pa hosts.equiv | 91 | .Pa hosts.equiv |
89 | method combined with RSA-based host authentication. | 92 | method combined with RSA-based host authentication. |
90 | It means that if the login would be permitted by | 93 | It means that if the login would be permitted by |
91 | .Pa \&.rhosts , | 94 | .Pa $HOME/.rhosts , |
92 | .Pa \&.shosts , | 95 | .Pa $HOME/.shosts , |
93 | .Pa /etc/hosts.equiv , | 96 | .Pa /etc/hosts.equiv , |
94 | or | 97 | or |
95 | .Pa /etc/shosts.equiv , | 98 | .Pa /etc/shosts.equiv , |
@@ -105,7 +108,7 @@ This authentication method closes security holes due to IP | |||
105 | spoofing, DNS spoofing and routing spoofing. | 108 | spoofing, DNS spoofing and routing spoofing. |
106 | [Note to the administrator: | 109 | [Note to the administrator: |
107 | .Pa /etc/hosts.equiv , | 110 | .Pa /etc/hosts.equiv , |
108 | .Pa \&.rhosts , | 111 | .Pa $HOME/.rhosts , |
109 | and the rlogin/rsh protocol in general, are inherently insecure and should be | 112 | and the rlogin/rsh protocol in general, are inherently insecure and should be |
110 | disabled if security is desired.] | 113 | disabled if security is desired.] |
111 | .Pp | 114 | .Pp |
@@ -143,18 +146,18 @@ implements the RSA authentication protocol automatically. | |||
143 | The user creates his/her RSA key pair by running | 146 | The user creates his/her RSA key pair by running |
144 | .Xr ssh-keygen 1 . | 147 | .Xr ssh-keygen 1 . |
145 | This stores the private key in | 148 | This stores the private key in |
146 | .Pa \&.ssh/identity | 149 | .Pa $HOME/.ssh/identity |
147 | and the public key in | 150 | and the public key in |
148 | .Pa \&.ssh/identity.pub | 151 | .Pa $HOME/.ssh/identity.pub |
149 | in the user's home directory. | 152 | in the user's home directory. |
150 | The user should then copy the | 153 | The user should then copy the |
151 | .Pa identity.pub | 154 | .Pa identity.pub |
152 | to | 155 | to |
153 | .Pa \&.ssh/authorized_keys | 156 | .Pa $HOME/.ssh/authorized_keys |
154 | in his/her home directory on the remote machine (the | 157 | in his/her home directory on the remote machine (the |
155 | .Pa authorized_keys | 158 | .Pa authorized_keys |
156 | file corresponds to the conventional | 159 | file corresponds to the conventional |
157 | .Pa \&.rhosts | 160 | .Pa $HOME/.rhosts |
158 | file, and has one key | 161 | file, and has one key |
159 | per line, though the lines can be very long). | 162 | per line, though the lines can be very long). |
160 | After this, the user can log in without giving the password. | 163 | After this, the user can log in without giving the password. |
@@ -174,6 +177,38 @@ The password is sent to the remote | |||
174 | host for checking; however, since all communications are encrypted, | 177 | host for checking; however, since all communications are encrypted, |
175 | the password cannot be seen by someone listening on the network. | 178 | the password cannot be seen by someone listening on the network. |
176 | .Pp | 179 | .Pp |
180 | .Ss SSH protocol version 2 | ||
181 | .Pp | ||
182 | When a user connects using the protocol version 2 | ||
183 | different authentication methods are available: | ||
184 | At first, the client attempts to authenticate using the public key method. | ||
185 | If this method fails password authentication is tried. | ||
186 | .Pp | ||
187 | The public key method is similar to RSA authentication described | ||
188 | in the previous section except that the DSA algorithm is used | ||
189 | instead of the patented RSA algorithm. | ||
190 | The client uses his private DSA key | ||
191 | .Pa $HOME/.ssh/id_dsa | ||
192 | to sign the session identifier and sends the result to the server. | ||
193 | The server checks whether the matching public key is listed in | ||
194 | .Pa $HOME/.ssh/authorized_keys2 | ||
195 | and grants access if both the key is found and the signature is correct. | ||
196 | The session identifier is derived from a shared Diffie-Hellman value | ||
197 | and is only known to the client and the server. | ||
198 | .Pp | ||
199 | If public key authentication fails or is not available a password | ||
200 | can be sent encrypted to the remote host for proving the user's identity. | ||
201 | This protocol 2 implementation does not yet support Kerberos or | ||
202 | S/Key authentication. | ||
203 | .Pp | ||
204 | Protocol 2 provides additional mechanisms for confidentiality | ||
205 | (the traffic is encrypted using 3DES, blowfish, cast128 or arcfour) | ||
206 | and integrity (hmac-sha1, hmac-md5). | ||
207 | Note that protocol 1 lacks a strong mechanism for ensuring the | ||
208 | integrity of the connection. | ||
209 | .Pp | ||
210 | .Ss Login session and remote execution | ||
211 | .Pp | ||
177 | When the user's identity has been accepted by the server, the server | 212 | When the user's identity has been accepted by the server, the server |
178 | either executes the given command, or logs into the machine and gives | 213 | either executes the given command, or logs into the machine and gives |
179 | the user a normal shell on the remote machine. | 214 | the user a normal shell on the remote machine. |
@@ -219,6 +254,8 @@ The exit status of the remote program is returned as the exit status | |||
219 | of | 254 | of |
220 | .Nm ssh . | 255 | .Nm ssh . |
221 | .Pp | 256 | .Pp |
257 | .Ss X11 and TCP forwarding | ||
258 | .Pp | ||
222 | If the user is using X11 (the | 259 | If the user is using X11 (the |
223 | .Ev DISPLAY | 260 | .Ev DISPLAY |
224 | environment variable is set), the connection to the X11 display is | 261 | environment variable is set), the connection to the X11 display is |
@@ -262,15 +299,22 @@ be specified either on command line or in a configuration file. | |||
262 | One possible application of TCP/IP forwarding is a secure connection to an | 299 | One possible application of TCP/IP forwarding is a secure connection to an |
263 | electronic purse; another is going trough firewalls. | 300 | electronic purse; another is going trough firewalls. |
264 | .Pp | 301 | .Pp |
302 | .Ss Server authentication | ||
303 | .Pp | ||
265 | .Nm | 304 | .Nm |
266 | automatically maintains and checks a database containing RSA-based | 305 | automatically maintains and checks a database containing |
267 | identifications for all hosts it has ever been used with. | 306 | identifications for all hosts it has ever been used with. |
268 | The database is stored in | 307 | RSA host keys are stored in |
269 | .Pa \&.ssh/known_hosts | 308 | .Pa $HOME/.ssh/known_hosts |
309 | and | ||
310 | DSA host keys are stored in | ||
311 | .Pa $HOME/.ssh/known_hosts2 | ||
270 | in the user's home directory. | 312 | in the user's home directory. |
271 | Additionally, the file | 313 | Additionally, the files |
272 | .Pa /etc/ssh_known_hosts | 314 | .Pa /etc/ssh_known_hosts |
273 | is automatically checked for known hosts. | 315 | and |
316 | .Pa /etc/ssh_known_hosts2 | ||
317 | are automatically checked for known hosts. | ||
274 | Any new hosts are automatically added to the user's file. | 318 | Any new hosts are automatically added to the user's file. |
275 | If a host's identification | 319 | If a host's identification |
276 | ever changes, | 320 | ever changes, |
@@ -333,7 +377,7 @@ Allows remote hosts to connect to local forwarded ports. | |||
333 | Selects the file from which the identity (private key) for | 377 | Selects the file from which the identity (private key) for |
334 | RSA authentication is read. | 378 | RSA authentication is read. |
335 | Default is | 379 | Default is |
336 | .Pa \&.ssh/identity | 380 | .Pa $HOME/.ssh/identity |
337 | in the user's home directory. | 381 | in the user's home directory. |
338 | Identity files may also be specified on | 382 | Identity files may also be specified on |
339 | a per-host basis in the configuration file. | 383 | a per-host basis in the configuration file. |
@@ -458,7 +502,7 @@ logging in as root on the remote machine. | |||
458 | .It Fl 2 | 502 | .It Fl 2 |
459 | Forces | 503 | Forces |
460 | .Nm | 504 | .Nm |
461 | to use protocol version 2 only. | 505 | to try protocol version 2 only. |
462 | .It Fl 4 | 506 | .It Fl 4 |
463 | Forces | 507 | Forces |
464 | .Nm | 508 | .Nm |
@@ -575,6 +619,15 @@ Specifies the number of tries (one per second) to make before falling | |||
575 | back to rsh or exiting. | 619 | back to rsh or exiting. |
576 | The argument must be an integer. | 620 | The argument must be an integer. |
577 | This may be useful in scripts if the connection sometimes fails. | 621 | This may be useful in scripts if the connection sometimes fails. |
622 | .It Cm DSAAuthentication | ||
623 | Specifies whether to try DSA authentication. | ||
624 | The argument to this keyword must be | ||
625 | .Dq yes | ||
626 | or | ||
627 | .Dq no . | ||
628 | DSA authentication will only be | ||
629 | attempted if a DSA identity file exists. | ||
630 | Note that this option applies to protocol version 2 only. | ||
578 | .It Cm EscapeChar | 631 | .It Cm EscapeChar |
579 | Sets the escape character (default: | 632 | Sets the escape character (default: |
580 | .Ql ~ ) . | 633 | .Ql ~ ) . |
@@ -640,7 +693,7 @@ specifications). | |||
640 | .It Cm IdentityFile | 693 | .It Cm IdentityFile |
641 | Specifies the file from which the user's RSA authentication identity | 694 | Specifies the file from which the user's RSA authentication identity |
642 | is read (default | 695 | is read (default |
643 | .Pa .ssh/identity | 696 | .Pa $HOME/.ssh/identity |
644 | in the user's home directory). | 697 | in the user's home directory). |
645 | Additionally, any identities represented by the authentication agent | 698 | Additionally, any identities represented by the authentication agent |
646 | will be used for authentication. | 699 | will be used for authentication. |
@@ -649,6 +702,16 @@ syntax to refer to a user's home directory. | |||
649 | It is possible to have | 702 | It is possible to have |
650 | multiple identity files specified in configuration files; all these | 703 | multiple identity files specified in configuration files; all these |
651 | identities will be tried in sequence. | 704 | identities will be tried in sequence. |
705 | .It Cm IdentityFile2 | ||
706 | Specifies the file from which the user's DSA authentication identity | ||
707 | is read (default | ||
708 | .Pa $HOME/.ssh/id_dsa | ||
709 | in the user's home directory). | ||
710 | The file name may use the tilde | ||
711 | syntax to refer to a user's home directory. | ||
712 | It is possible to have | ||
713 | multiple identity files specified in configuration files; all these | ||
714 | identities will be tried in sequence. | ||
652 | .It Cm KeepAlive | 715 | .It Cm KeepAlive |
653 | Specifies whether the system should send keepalive messages to the | 716 | Specifies whether the system should send keepalive messages to the |
654 | other side. | 717 | other side. |
@@ -704,6 +767,7 @@ The argument to this keyword must be | |||
704 | .Dq yes | 767 | .Dq yes |
705 | or | 768 | or |
706 | .Dq no . | 769 | .Dq no . |
770 | Note that this option applies to both protocol version 1 and 2. | ||
707 | .It Cm Port | 771 | .It Cm Port |
708 | Specifies the port number to connect on the remote host. | 772 | Specifies the port number to connect on the remote host. |
709 | Default is 22. | 773 | Default is 22. |
@@ -717,7 +781,11 @@ and | |||
717 | .Dq 2 . | 781 | .Dq 2 . |
718 | Multiple versions must be comma-separated. | 782 | Multiple versions must be comma-separated. |
719 | The default is | 783 | The default is |
720 | .Dq 1 . | 784 | .Dq 1,2 . |
785 | This means that | ||
786 | .Nm | ||
787 | tries version 1 and falls back to version 2 | ||
788 | if version 1 is no available. | ||
721 | .It Cm ProxyCommand | 789 | .It Cm ProxyCommand |
722 | Specifies the command to use to connect to the server. | 790 | Specifies the command to use to connect to the server. |
723 | The command | 791 | The command |
@@ -782,6 +850,7 @@ or | |||
782 | RSA authentication will only be | 850 | RSA authentication will only be |
783 | attempted if the identity file exists, or an authentication agent is | 851 | attempted if the identity file exists, or an authentication agent is |
784 | running. | 852 | running. |
853 | Note that this option applies to protocol version 1 only. | ||
785 | .It Cm SkeyAuthentication | 854 | .It Cm SkeyAuthentication |
786 | Specifies whether to use | 855 | Specifies whether to use |
787 | .Xr skey 1 | 856 | .Xr skey 1 |
@@ -798,10 +867,14 @@ If this flag is set to | |||
798 | .Nm | 867 | .Nm |
799 | ssh will never automatically add host keys to the | 868 | ssh will never automatically add host keys to the |
800 | .Pa $HOME/.ssh/known_hosts | 869 | .Pa $HOME/.ssh/known_hosts |
801 | file, and refuses to connect hosts whose host key has changed. | 870 | and |
871 | .Pa $HOME/.ssh/known_hosts2 | ||
872 | files, and refuses to connect hosts whose host key has changed. | ||
802 | This provides maximum protection against trojan horse attacks. | 873 | This provides maximum protection against trojan horse attacks. |
803 | However, it can be somewhat annoying if you don't have good | 874 | However, it can be somewhat annoying if you don't have good |
804 | .Pa /etc/ssh_known_hosts | 875 | .Pa /etc/ssh_known_hosts |
876 | and | ||
877 | .Pa /etc/ssh_known_hosts2 | ||
805 | files installed and frequently | 878 | files installed and frequently |
806 | connect new hosts. | 879 | connect new hosts. |
807 | Basically this option forces the user to manually | 880 | Basically this option forces the user to manually |
@@ -921,28 +994,36 @@ in | |||
921 | .Pa /etc/ssh_known_hosts ) . | 994 | .Pa /etc/ssh_known_hosts ) . |
922 | See | 995 | See |
923 | .Xr sshd 8 . | 996 | .Xr sshd 8 . |
924 | .It Pa $HOME/.ssh/identity | 997 | .It Pa $HOME/.ssh/identity, $HOME/.ssh/id_dsa |
925 | Contains the RSA authentication identity of the user. | 998 | Contains the RSA and the DSA authentication identity of the user. |
926 | This file | 999 | These files |
927 | contains sensitive data and should be readable by the user but not | 1000 | contain sensitive data and should be readable by the user but not |
928 | accessible by others (read/write/execute). | 1001 | accessible by others (read/write/execute). |
929 | Note that | 1002 | Note that |
930 | .Nm | 1003 | .Nm |
931 | ignores this file if it is accessible by others. | 1004 | ignores a private key file if it is accessible by others. |
932 | It is possible to specify a passphrase when | 1005 | It is possible to specify a passphrase when |
933 | generating the key; the passphrase will be used to encrypt the | 1006 | generating the key; the passphrase will be used to encrypt the |
934 | sensitive part of this file using 3DES. | 1007 | sensitive part of this file using 3DES. |
935 | .It Pa $HOME/.ssh/identity.pub | 1008 | .It Pa $HOME/.ssh/identity.pub, $HOME/.ssh/id_dsa.pub |
936 | Contains the public key for authentication (public part of the | 1009 | Contains the public key for authentication (public part of the |
937 | identity file in human-readable form). | 1010 | identity file in human-readable form). |
938 | The contents of this file should be added to | 1011 | The contents of the |
1012 | .Pa $HOME/.ssh/identity.pub | ||
1013 | file should be added to | ||
939 | .Pa $HOME/.ssh/authorized_keys | 1014 | .Pa $HOME/.ssh/authorized_keys |
940 | on all machines | 1015 | on all machines |
941 | where you wish to log in using RSA authentication. | 1016 | where you wish to log in using RSA authentication. |
942 | This file is not | 1017 | The contents of the |
1018 | .Pa $HOME/.ssh/id_dsa.pub | ||
1019 | file should be added to | ||
1020 | .Pa $HOME/.ssh/authorized_keys2 | ||
1021 | on all machines | ||
1022 | where you wish to log in using DSA authentication. | ||
1023 | These files are not | ||
943 | sensitive and can (but need not) be readable by anyone. | 1024 | sensitive and can (but need not) be readable by anyone. |
944 | This file is | 1025 | These files are |
945 | never used automatically and is not necessary; it is only provided for | 1026 | never used automatically and are not necessary; they is only provided for |
946 | the convenience of the user. | 1027 | the convenience of the user. |
947 | .It Pa $HOME/.ssh/config | 1028 | .It Pa $HOME/.ssh/config |
948 | This is the per-user configuration file. | 1029 | This is the per-user configuration file. |
@@ -964,9 +1045,17 @@ modulus, public exponent, modulus, and comment fields, separated by | |||
964 | spaces). | 1045 | spaces). |
965 | This file is not highly sensitive, but the recommended | 1046 | This file is not highly sensitive, but the recommended |
966 | permissions are read/write for the user, and not accessible by others. | 1047 | permissions are read/write for the user, and not accessible by others. |
967 | .It Pa /etc/ssh_known_hosts | 1048 | .It Pa $HOME/.ssh/authorized_keys2 |
1049 | Lists the DSA keys that can be used for logging in as this user. | ||
1050 | This file is not highly sensitive, but the recommended | ||
1051 | permissions are read/write for the user, and not accessible by others. | ||
1052 | .It Pa /etc/ssh_known_hosts, /etc/ssh_known_hosts2 | ||
968 | Systemwide list of known host keys. | 1053 | Systemwide list of known host keys. |
969 | This file should be prepared by the | 1054 | .Pa /etc/ssh_known_hosts |
1055 | contains RSA and | ||
1056 | .Pa /etc/ssh_known_hosts2 | ||
1057 | contains DSA keys. | ||
1058 | These files should be prepared by the | ||
970 | system administrator to contain the public host keys of all machines in the | 1059 | system administrator to contain the public host keys of all machines in the |
971 | organization. | 1060 | organization. |
972 | This file should be world-readable. | 1061 | This file should be world-readable. |
@@ -1025,7 +1114,7 @@ you can store it in | |||
1025 | .Pa $HOME/.ssh/known_hosts . | 1114 | .Pa $HOME/.ssh/known_hosts . |
1026 | The easiest way to do this is to | 1115 | The easiest way to do this is to |
1027 | connect back to the client from the server machine using ssh; this | 1116 | connect back to the client from the server machine using ssh; this |
1028 | will automatically add the host key inxi | 1117 | will automatically add the host key to |
1029 | .Pa $HOME/.ssh/known_hosts . | 1118 | .Pa $HOME/.ssh/known_hosts . |
1030 | .It Pa $HOME/.shosts | 1119 | .It Pa $HOME/.shosts |
1031 | This file is used exactly the same way as | 1120 | This file is used exactly the same way as |
@@ -1086,6 +1175,7 @@ but with bugs removed and newer features re-added. | |||
1086 | Rapidly after the | 1175 | Rapidly after the |
1087 | 1.2.12 release, newer versions of the original ssh bore successively | 1176 | 1.2.12 release, newer versions of the original ssh bore successively |
1088 | more restrictive licenses, and thus demand for a free version was born. | 1177 | more restrictive licenses, and thus demand for a free version was born. |
1178 | .Pp | ||
1089 | This version of OpenSSH | 1179 | This version of OpenSSH |
1090 | .Bl -bullet | 1180 | .Bl -bullet |
1091 | .It | 1181 | .It |
@@ -1094,8 +1184,8 @@ directly removed from the source code; any licensed or patented components | |||
1094 | are chosen from | 1184 | are chosen from |
1095 | external libraries. | 1185 | external libraries. |
1096 | .It | 1186 | .It |
1097 | has been updated to support ssh protocol 1.5, making it compatible with | 1187 | has been updated to support SSH protocol 1.5 and 2, making it compatible with |
1098 | all other ssh protocol 1 clients and servers. | 1188 | all other SSH clients and servers. |
1099 | .It | 1189 | .It |
1100 | contains added support for | 1190 | contains added support for |
1101 | .Xr kerberos 8 | 1191 | .Xr kerberos 8 |
@@ -1107,6 +1197,8 @@ supports one-time password authentication with | |||
1107 | .Pp | 1197 | .Pp |
1108 | OpenSSH has been created by Aaron Campbell, Bob Beck, Markus Friedl, | 1198 | OpenSSH has been created by Aaron Campbell, Bob Beck, Markus Friedl, |
1109 | Niels Provos, Theo de Raadt, and Dug Song. | 1199 | Niels Provos, Theo de Raadt, and Dug Song. |
1200 | .Pp | ||
1201 | The support for SSH protocol 2 was written by Markus Friedl. | ||
1110 | .Sh SEE ALSO | 1202 | .Sh SEE ALSO |
1111 | .Xr rlogin 1 , | 1203 | .Xr rlogin 1 , |
1112 | .Xr rsh 1 , | 1204 | .Xr rsh 1 , |