diff options
author | djm@openbsd.org <djm@openbsd.org> | 2017-04-30 23:18:22 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2017-05-01 10:05:00 +1000 |
commit | 788ac799a6efa40517f2ac0d895a610394298ffc (patch) | |
tree | 29e320f7adeb31b2febfa08cc60b6c578263dfc6 /ssh.1 | |
parent | e6882463a8ae0594aacb6d6575a6318a41973d84 (diff) |
upstream commit
remove SSHv1 configuration options and man pages bits
ok markus@
Upstream-ID: 84638c23546c056727b7a7d653c72574e0f19424
Diffstat (limited to 'ssh.1')
-rw-r--r-- | ssh.1 | 57 |
1 files changed, 5 insertions, 52 deletions
@@ -33,8 +33,8 @@ | |||
33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
35 | .\" | 35 | .\" |
36 | .\" $OpenBSD: ssh.1,v 1.376 2016/07/16 06:57:55 jmc Exp $ | 36 | .\" $OpenBSD: ssh.1,v 1.377 2017/04/30 23:18:22 djm Exp $ |
37 | .Dd $Mdocdate: July 16 2016 $ | 37 | .Dd $Mdocdate: April 30 2017 $ |
38 | .Dt SSH 1 | 38 | .Dt SSH 1 |
39 | .Os | 39 | .Os |
40 | .Sh NAME | 40 | .Sh NAME |
@@ -43,7 +43,7 @@ | |||
43 | .Sh SYNOPSIS | 43 | .Sh SYNOPSIS |
44 | .Nm ssh | 44 | .Nm ssh |
45 | .Bk -words | 45 | .Bk -words |
46 | .Op Fl 1246AaCfGgKkMNnqsTtVvXxYy | 46 | .Op Fl 46AaCfGgKkMNnqsTtVvXxYy |
47 | .Op Fl b Ar bind_address | 47 | .Op Fl b Ar bind_address |
48 | .Op Fl c Ar cipher_spec | 48 | .Op Fl c Ar cipher_spec |
49 | .Op Fl D Oo Ar bind_address : Oc Ns Ar port | 49 | .Op Fl D Oo Ar bind_address : Oc Ns Ar port |
@@ -95,16 +95,6 @@ it is executed on the remote host instead of a login shell. | |||
95 | The options are as follows: | 95 | The options are as follows: |
96 | .Pp | 96 | .Pp |
97 | .Bl -tag -width Ds -compact | 97 | .Bl -tag -width Ds -compact |
98 | .It Fl 1 | ||
99 | Forces | ||
100 | .Nm | ||
101 | to try protocol version 1 only. | ||
102 | .Pp | ||
103 | .It Fl 2 | ||
104 | Forces | ||
105 | .Nm | ||
106 | to try protocol version 2 only. | ||
107 | .Pp | ||
108 | .It Fl 4 | 98 | .It Fl 4 |
109 | Forces | 99 | Forces |
110 | .Nm | 100 | .Nm |
@@ -144,12 +134,7 @@ data for forwarded X11, TCP and | |||
144 | .Ux Ns -domain | 134 | .Ux Ns -domain |
145 | connections). | 135 | connections). |
146 | The compression algorithm is the same used by | 136 | The compression algorithm is the same used by |
147 | .Xr gzip 1 , | 137 | .Xr gzip 1 . |
148 | and the | ||
149 | .Dq level | ||
150 | can be controlled by the | ||
151 | .Cm CompressionLevel | ||
152 | option for protocol version 1. | ||
153 | Compression is desirable on modem lines and other | 138 | Compression is desirable on modem lines and other |
154 | slow connections, but will only slow down things on fast networks. | 139 | slow connections, but will only slow down things on fast networks. |
155 | The default value can be set on a host-by-host basis in the | 140 | The default value can be set on a host-by-host basis in the |
@@ -159,14 +144,6 @@ option. | |||
159 | .Pp | 144 | .Pp |
160 | .It Fl c Ar cipher_spec | 145 | .It Fl c Ar cipher_spec |
161 | Selects the cipher specification for encrypting the session. | 146 | Selects the cipher specification for encrypting the session. |
162 | .Pp | ||
163 | Protocol version 1 allows specification of a single cipher. | ||
164 | The supported values are | ||
165 | .Dq 3des , | ||
166 | .Dq blowfish , | ||
167 | and | ||
168 | .Dq des . | ||
169 | For protocol version 2, | ||
170 | .Ar cipher_spec | 147 | .Ar cipher_spec |
171 | is a comma-separated list of ciphers | 148 | is a comma-separated list of ciphers |
172 | listed in order of preference. | 149 | listed in order of preference. |
@@ -290,8 +267,6 @@ private RSA key. | |||
290 | Selects a file from which the identity (private key) for | 267 | Selects a file from which the identity (private key) for |
291 | public key authentication is read. | 268 | public key authentication is read. |
292 | The default is | 269 | The default is |
293 | .Pa ~/.ssh/identity | ||
294 | for protocol version 1, and | ||
295 | .Pa ~/.ssh/id_dsa , | 270 | .Pa ~/.ssh/id_dsa , |
296 | .Pa ~/.ssh/id_ecdsa , | 271 | .Pa ~/.ssh/id_ecdsa , |
297 | .Pa ~/.ssh/id_ed25519 | 272 | .Pa ~/.ssh/id_ed25519 |
@@ -495,7 +470,6 @@ For full details of the options listed below, and their possible values, see | |||
495 | .It Ciphers | 470 | .It Ciphers |
496 | .It ClearAllForwardings | 471 | .It ClearAllForwardings |
497 | .It Compression | 472 | .It Compression |
498 | .It CompressionLevel | ||
499 | .It ConnectionAttempts | 473 | .It ConnectionAttempts |
500 | .It ConnectTimeout | 474 | .It ConnectTimeout |
501 | .It ControlMaster | 475 | .It ControlMaster |
@@ -540,7 +514,6 @@ For full details of the options listed below, and their possible values, see | |||
540 | .It PKCS11Provider | 514 | .It PKCS11Provider |
541 | .It Port | 515 | .It Port |
542 | .It PreferredAuthentications | 516 | .It PreferredAuthentications |
543 | .It Protocol | ||
544 | .It ProxyCommand | 517 | .It ProxyCommand |
545 | .It ProxyJump | 518 | .It ProxyJump |
546 | .It ProxyUseFdpass | 519 | .It ProxyUseFdpass |
@@ -549,8 +522,6 @@ For full details of the options listed below, and their possible values, see | |||
549 | .It RekeyLimit | 522 | .It RekeyLimit |
550 | .It RemoteForward | 523 | .It RemoteForward |
551 | .It RequestTTY | 524 | .It RequestTTY |
552 | .It RhostsRSAAuthentication | ||
553 | .It RSAAuthentication | ||
554 | .It SendEnv | 525 | .It SendEnv |
555 | .It ServerAliveInterval | 526 | .It ServerAliveInterval |
556 | .It ServerAliveCountMax | 527 | .It ServerAliveCountMax |
@@ -806,21 +777,7 @@ a per-user configuration file and a system-wide configuration file. | |||
806 | The file format and configuration options are described in | 777 | The file format and configuration options are described in |
807 | .Xr ssh_config 5 . | 778 | .Xr ssh_config 5 . |
808 | .Sh AUTHENTICATION | 779 | .Sh AUTHENTICATION |
809 | The OpenSSH SSH client supports SSH protocols 1 and 2. | 780 | The OpenSSH SSH client supports SSH protocol 2. |
810 | The default is to use protocol 2 only, | ||
811 | though this can be changed via the | ||
812 | .Cm Protocol | ||
813 | option in | ||
814 | .Xr ssh_config 5 | ||
815 | or the | ||
816 | .Fl 1 | ||
817 | and | ||
818 | .Fl 2 | ||
819 | options (see above). | ||
820 | Protocol 1 should not be used | ||
821 | and is only offered to support legacy devices. | ||
822 | It suffers from a number of cryptographic weaknesses | ||
823 | and doesn't support many of the advanced features available for protocol 2. | ||
824 | .Pp | 781 | .Pp |
825 | The methods available for authentication are: | 782 | The methods available for authentication are: |
826 | GSSAPI-based authentication, | 783 | GSSAPI-based authentication, |
@@ -893,8 +850,6 @@ is authorized to accept the account. | |||
893 | The user creates his/her key pair by running | 850 | The user creates his/her key pair by running |
894 | .Xr ssh-keygen 1 . | 851 | .Xr ssh-keygen 1 . |
895 | This stores the private key in | 852 | This stores the private key in |
896 | .Pa ~/.ssh/identity | ||
897 | (protocol 1), | ||
898 | .Pa ~/.ssh/id_dsa | 853 | .Pa ~/.ssh/id_dsa |
899 | (DSA), | 854 | (DSA), |
900 | .Pa ~/.ssh/id_ecdsa | 855 | .Pa ~/.ssh/id_ecdsa |
@@ -905,8 +860,6 @@ or | |||
905 | .Pa ~/.ssh/id_rsa | 860 | .Pa ~/.ssh/id_rsa |
906 | (RSA) | 861 | (RSA) |
907 | and stores the public key in | 862 | and stores the public key in |
908 | .Pa ~/.ssh/identity.pub | ||
909 | (protocol 1), | ||
910 | .Pa ~/.ssh/id_dsa.pub | 863 | .Pa ~/.ssh/id_dsa.pub |
911 | (DSA), | 864 | (DSA), |
912 | .Pa ~/.ssh/id_ecdsa.pub | 865 | .Pa ~/.ssh/id_ecdsa.pub |