diff options
author | Colin Watson <cjwatson@debian.org> | 2018-08-24 12:49:36 +0100 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2018-08-24 12:49:36 +0100 |
commit | e6547182a54f0f268ee36e7c99319eeddffbaff2 (patch) | |
tree | 417527229ad3f3764ba71ea383f478a168895087 /ssh_config.0 | |
parent | ed6ae9c1a014a08ff5db3d768f01f2e427eeb476 (diff) | |
parent | 71508e06fab14bc415a79a08f5535ad7bffa93d9 (diff) |
Import openssh_7.8p1.orig.tar.gz
Diffstat (limited to 'ssh_config.0')
-rw-r--r-- | ssh_config.0 | 82 |
1 files changed, 42 insertions, 40 deletions
diff --git a/ssh_config.0 b/ssh_config.0 index 4109b1909..00afda1ca 100644 --- a/ssh_config.0 +++ b/ssh_config.0 | |||
@@ -109,13 +109,11 @@ DESCRIPTION | |||
109 | BindAddress | 109 | BindAddress |
110 | Use the specified address on the local machine as the source | 110 | Use the specified address on the local machine as the source |
111 | address of the connection. Only useful on systems with more than | 111 | address of the connection. Only useful on systems with more than |
112 | one address. Note that this option does not work if | 112 | one address. |
113 | UsePrivilegedPort is set to yes. | ||
114 | 113 | ||
115 | BindInterface | 114 | BindInterface |
116 | Use the address of the specified interface on the local machine | 115 | Use the address of the specified interface on the local machine |
117 | as the source address of the connection. Note that this option | 116 | as the source address of the connection. |
118 | does not work if UsePrivilegedPort is set to yes. | ||
119 | 117 | ||
120 | CanonicalDomains | 118 | CanonicalDomains |
121 | When CanonicalizeHostname is enabled, this option specifies the | 119 | When CanonicalizeHostname is enabled, this option specifies the |
@@ -216,8 +214,7 @@ DESCRIPTION | |||
216 | 214 | ||
217 | chacha20-poly1305@openssh.com, | 215 | chacha20-poly1305@openssh.com, |
218 | aes128-ctr,aes192-ctr,aes256-ctr, | 216 | aes128-ctr,aes192-ctr,aes256-ctr, |
219 | aes128-gcm@openssh.com,aes256-gcm@openssh.com, | 217 | aes128-gcm@openssh.com,aes256-gcm@openssh.com |
220 | aes128-cbc,aes192-cbc,aes256-cbc | ||
221 | 218 | ||
222 | The list of available ciphers may also be obtained using "ssh -Q | 219 | The list of available ciphers may also be obtained using "ssh -Q |
223 | cipher". | 220 | cipher". |
@@ -429,11 +426,11 @@ DESCRIPTION | |||
429 | 426 | ||
430 | HostbasedKeyTypes | 427 | HostbasedKeyTypes |
431 | Specifies the key types that will be used for hostbased | 428 | Specifies the key types that will be used for hostbased |
432 | authentication as a comma-separated pattern list. Alternately if | 429 | authentication as a comma-separated list of patterns. |
433 | the specified value begins with a M-bM-^@M-^X+M-bM-^@M-^Y character, then the | 430 | Alternately if the specified value begins with a M-bM-^@M-^X+M-bM-^@M-^Y character, |
434 | specified key types will be appended to the default set instead | 431 | then the specified key types will be appended to the default set |
435 | of replacing them. If the specified value begins with a M-bM-^@M-^X-M-bM-^@M-^Y | 432 | instead of replacing them. If the specified value begins with a |
436 | character, then the specified key types (including wildcards) | 433 | M-bM-^@M-^X-M-bM-^@M-^Y character, then the specified key types (including wildcards) |
437 | will be removed from the default set instead of replacing them. | 434 | will be removed from the default set instead of replacing them. |
438 | The default for this option is: | 435 | The default for this option is: |
439 | 436 | ||
@@ -441,9 +438,10 @@ DESCRIPTION | |||
441 | ecdsa-sha2-nistp384-cert-v01@openssh.com, | 438 | ecdsa-sha2-nistp384-cert-v01@openssh.com, |
442 | ecdsa-sha2-nistp521-cert-v01@openssh.com, | 439 | ecdsa-sha2-nistp521-cert-v01@openssh.com, |
443 | ssh-ed25519-cert-v01@openssh.com, | 440 | ssh-ed25519-cert-v01@openssh.com, |
441 | rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com, | ||
444 | ssh-rsa-cert-v01@openssh.com, | 442 | ssh-rsa-cert-v01@openssh.com, |
445 | ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, | 443 | ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, |
446 | ssh-ed25519,ssh-rsa | 444 | ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa |
447 | 445 | ||
448 | The -Q option of ssh(1) may be used to list supported key types. | 446 | The -Q option of ssh(1) may be used to list supported key types. |
449 | 447 | ||
@@ -460,9 +458,10 @@ DESCRIPTION | |||
460 | ecdsa-sha2-nistp384-cert-v01@openssh.com, | 458 | ecdsa-sha2-nistp384-cert-v01@openssh.com, |
461 | ecdsa-sha2-nistp521-cert-v01@openssh.com, | 459 | ecdsa-sha2-nistp521-cert-v01@openssh.com, |
462 | ssh-ed25519-cert-v01@openssh.com, | 460 | ssh-ed25519-cert-v01@openssh.com, |
461 | rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com, | ||
463 | ssh-rsa-cert-v01@openssh.com, | 462 | ssh-rsa-cert-v01@openssh.com, |
464 | ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, | 463 | ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, |
465 | ssh-ed25519,ssh-rsa | 464 | ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa |
466 | 465 | ||
467 | If hostkeys are known for the destination host then this default | 466 | If hostkeys are known for the destination host then this default |
468 | is modified to prefer their algorithms. | 467 | is modified to prefer their algorithms. |
@@ -544,7 +543,7 @@ DESCRIPTION | |||
544 | 543 | ||
545 | Include | 544 | Include |
546 | Include the specified configuration file(s). Multiple pathnames | 545 | Include the specified configuration file(s). Multiple pathnames |
547 | may be specified and each pathname may contain glob(3) wildcards | 546 | may be specified and each pathname may contain glob(7) wildcards |
548 | and, for user configurations, shell-like M-bM-^@M-^X~M-bM-^@M-^Y references to user | 547 | and, for user configurations, shell-like M-bM-^@M-^X~M-bM-^@M-^Y references to user |
549 | home directories. Files without absolute paths are assumed to be | 548 | home directories. Files without absolute paths are assumed to be |
550 | in ~/.ssh if included in a user configuration file or /etc/ssh if | 549 | in ~/.ssh if included in a user configuration file or /etc/ssh if |
@@ -561,8 +560,8 @@ DESCRIPTION | |||
561 | is specified, it is used as the packet class unconditionally. If | 560 | is specified, it is used as the packet class unconditionally. If |
562 | two values are specified, the first is automatically selected for | 561 | two values are specified, the first is automatically selected for |
563 | interactive sessions and the second for non-interactive sessions. | 562 | interactive sessions and the second for non-interactive sessions. |
564 | The default is lowdelay for interactive sessions and throughput | 563 | The default is af21 (Low-Latency Data) for interactive sessions |
565 | for non-interactive sessions. | 564 | and cs1 (Lower Effort) for non-interactive sessions. |
566 | 565 | ||
567 | KbdInteractiveAuthentication | 566 | KbdInteractiveAuthentication |
568 | Specifies whether to use keyboard-interactive authentication. | 567 | Specifies whether to use keyboard-interactive authentication. |
@@ -573,8 +572,7 @@ DESCRIPTION | |||
573 | authentication. Multiple method names must be comma-separated. | 572 | authentication. Multiple method names must be comma-separated. |
574 | The default is to use the server specified list. The methods | 573 | The default is to use the server specified list. The methods |
575 | available vary depending on what the server supports. For an | 574 | available vary depending on what the server supports. For an |
576 | OpenSSH server, it may be zero or more of: bsdauth, pam, and | 575 | OpenSSH server, it may be zero or more of: bsdauth and pam. |
577 | skey. | ||
578 | 576 | ||
579 | KexAlgorithms | 577 | KexAlgorithms |
580 | Specifies the available KEX (Key Exchange) algorithms. Multiple | 578 | Specifies the available KEX (Key Exchange) algorithms. Multiple |
@@ -735,11 +733,11 @@ DESCRIPTION | |||
735 | 733 | ||
736 | PubkeyAcceptedKeyTypes | 734 | PubkeyAcceptedKeyTypes |
737 | Specifies the key types that will be used for public key | 735 | Specifies the key types that will be used for public key |
738 | authentication as a comma-separated pattern list. Alternately if | 736 | authentication as a comma-separated list of patterns. |
739 | the specified value begins with a M-bM-^@M-^X+M-bM-^@M-^Y character, then the key | 737 | Alternately if the specified value begins with a M-bM-^@M-^X+M-bM-^@M-^Y character, |
740 | types after it will be appended to the default instead of | 738 | then the key types after it will be appended to the default |
741 | replacing it. If the specified value begins with a M-bM-^@M-^X-M-bM-^@M-^Y | 739 | instead of replacing it. If the specified value begins with a |
742 | character, then the specified key types (including wildcards) | 740 | M-bM-^@M-^X-M-bM-^@M-^Y character, then the specified key types (including wildcards) |
743 | will be removed from the default set instead of replacing them. | 741 | will be removed from the default set instead of replacing them. |
744 | The default for this option is: | 742 | The default for this option is: |
745 | 743 | ||
@@ -747,9 +745,10 @@ DESCRIPTION | |||
747 | ecdsa-sha2-nistp384-cert-v01@openssh.com, | 745 | ecdsa-sha2-nistp384-cert-v01@openssh.com, |
748 | ecdsa-sha2-nistp521-cert-v01@openssh.com, | 746 | ecdsa-sha2-nistp521-cert-v01@openssh.com, |
749 | ssh-ed25519-cert-v01@openssh.com, | 747 | ssh-ed25519-cert-v01@openssh.com, |
748 | rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com, | ||
750 | ssh-rsa-cert-v01@openssh.com, | 749 | ssh-rsa-cert-v01@openssh.com, |
751 | ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, | 750 | ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, |
752 | ssh-ed25519,ssh-rsa | 751 | ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa |
753 | 752 | ||
754 | The list of available key types may also be obtained using "ssh | 753 | The list of available key types may also be obtained using "ssh |
755 | -Q key". | 754 | -Q key". |
@@ -781,7 +780,7 @@ DESCRIPTION | |||
781 | 780 | ||
782 | RemoteForward | 781 | RemoteForward |
783 | Specifies that a TCP port on the remote machine be forwarded over | 782 | Specifies that a TCP port on the remote machine be forwarded over |
784 | the secure channel. The remote port may either be fowarded to a | 783 | the secure channel. The remote port may either be forwarded to a |
785 | specified host and port from the local machine, or may act as a | 784 | specified host and port from the local machine, or may act as a |
786 | SOCKS 4/5 proxy that allows a remote client to connect to | 785 | SOCKS 4/5 proxy that allows a remote client to connect to |
787 | arbitrary destinations from the local machine. The first | 786 | arbitrary destinations from the local machine. The first |
@@ -832,11 +831,14 @@ DESCRIPTION | |||
832 | server. Variables are specified by name, which may contain | 831 | server. Variables are specified by name, which may contain |
833 | wildcard characters. Multiple environment variables may be | 832 | wildcard characters. Multiple environment variables may be |
834 | separated by whitespace or spread across multiple SendEnv | 833 | separated by whitespace or spread across multiple SendEnv |
835 | directives. The default is not to send any environment | 834 | directives. |
836 | variables. | ||
837 | 835 | ||
838 | See PATTERNS for more information on patterns. | 836 | See PATTERNS for more information on patterns. |
839 | 837 | ||
838 | It is possible to clear previously set SendEnv variable names by | ||
839 | prefixing patterns with -. The default is not to send any | ||
840 | environment variables. | ||
841 | |||
840 | ServerAliveCountMax | 842 | ServerAliveCountMax |
841 | Sets the number of server alive messages (see below) which may be | 843 | Sets the number of server alive messages (see below) which may be |
842 | sent without ssh(1) receiving any messages back from the server. | 844 | sent without ssh(1) receiving any messages back from the server. |
@@ -862,6 +864,10 @@ DESCRIPTION | |||
862 | default is 0, indicating that these messages will not be sent to | 864 | default is 0, indicating that these messages will not be sent to |
863 | the server. | 865 | the server. |
864 | 866 | ||
867 | SetEnv Directly specify one or more environment variables and their | ||
868 | contents to be sent to the server. Similarly to SendEnv, the | ||
869 | server must be prepared to accept the environment variable. | ||
870 | |||
865 | StreamLocalBindMask | 871 | StreamLocalBindMask |
866 | Sets the octal file creation mode mask (umask) used when creating | 872 | Sets the octal file creation mode mask (umask) used when creating |
867 | a Unix-domain socket file for local or remote port forwarding. | 873 | a Unix-domain socket file for local or remote port forwarding. |
@@ -956,11 +962,6 @@ DESCRIPTION | |||
956 | "hostkeys@openssh.com" protocol extension used to inform the | 962 | "hostkeys@openssh.com" protocol extension used to inform the |
957 | client of all the server's hostkeys. | 963 | client of all the server's hostkeys. |
958 | 964 | ||
959 | UsePrivilegedPort | ||
960 | Specifies whether to use a privileged port for outgoing | ||
961 | connections. The argument must be yes or no (the default). If | ||
962 | set to yes, ssh(1) must be setuid root. | ||
963 | |||
964 | User Specifies the user to log in as. This can be useful when a | 965 | User Specifies the user to log in as. This can be useful when a |
965 | different user name is used on different machines. This saves | 966 | different user name is used on different machines. This saves |
966 | the trouble of having to remember to give the user name on the | 967 | the trouble of having to remember to give the user name on the |
@@ -1046,24 +1047,25 @@ TOKENS | |||
1046 | tunnel forwarding was requested, or "NONE" otherwise. | 1047 | tunnel forwarding was requested, or "NONE" otherwise. |
1047 | %u The local username. | 1048 | %u The local username. |
1048 | 1049 | ||
1049 | Match exec accepts the tokens %%, %h, %L, %l, %n, %p, %r, and %u. | 1050 | Match exec accepts the tokens %%, %h, %i, %L, %l, %n, %p, %r, and %u. |
1050 | 1051 | ||
1051 | CertificateFile accepts the tokens %%, %d, %h, %l, %r, and %u. | 1052 | CertificateFile accepts the tokens %%, %d, %h, %i, %l, %r, and %u. |
1052 | 1053 | ||
1053 | ControlPath accepts the tokens %%, %C, %h, %i, %L, %l, %n, %p, %r, and | 1054 | ControlPath accepts the tokens %%, %C, %h, %i, %L, %l, %n, %p, %r, and |
1054 | %u. | 1055 | %u. |
1055 | 1056 | ||
1056 | HostName accepts the tokens %% and %h. | 1057 | HostName accepts the tokens %% and %h. |
1057 | 1058 | ||
1058 | IdentityAgent and IdentityFile accept the tokens %%, %d, %h, %l, %r, and | 1059 | IdentityAgent and IdentityFile accept the tokens %%, %d, %h, %i, %l, %r, |
1059 | %u. | 1060 | and %u. |
1060 | 1061 | ||
1061 | LocalCommand accepts the tokens %%, %C, %d, %h, %l, %n, %p, %r, %T, and | 1062 | LocalCommand accepts the tokens %%, %C, %d, %h, %i, %l, %n, %p, %r, %T, |
1062 | %u. | 1063 | and %u. |
1063 | 1064 | ||
1064 | ProxyCommand accepts the tokens %%, %h, %p, and %r. | 1065 | ProxyCommand accepts the tokens %%, %h, %p, and %r. |
1065 | 1066 | ||
1066 | RemoteCommand accepts the tokens %%, %C, %d, %h, %l, %n, %p, %r, and %u. | 1067 | RemoteCommand accepts the tokens %%, %C, %d, %h, %i, %l, %n, %p, %r, and |
1068 | %u. | ||
1067 | 1069 | ||
1068 | FILES | 1070 | FILES |
1069 | ~/.ssh/config | 1071 | ~/.ssh/config |
@@ -1089,4 +1091,4 @@ AUTHORS | |||
1089 | created OpenSSH. Markus Friedl contributed the support for SSH protocol | 1091 | created OpenSSH. Markus Friedl contributed the support for SSH protocol |
1090 | versions 1.5 and 2.0. | 1092 | versions 1.5 and 2.0. |
1091 | 1093 | ||
1092 | OpenBSD 6.2 February 23, 2018 OpenBSD 6.2 | 1094 | OpenBSD 6.4 July 23, 2018 OpenBSD 6.4 |