summaryrefslogtreecommitdiff
path: root/ssh_config.0
diff options
context:
space:
mode:
authorColin Watson <cjwatson@debian.org>2011-09-06 09:45:52 +0100
committerColin Watson <cjwatson@debian.org>2011-09-06 09:45:52 +0100
commitf38224d546cdde55f45c13d3d8225d273a3f920e (patch)
treea91a26b88ac90dc72d0ea3767feabb341eaa50a8 /ssh_config.0
parent338146a3fc257e216fe5c10fe40e6896b40d7739 (diff)
parente90790abaf031e037f444a6658e136e48577ea49 (diff)
merge 5.9p1
Diffstat (limited to 'ssh_config.0')
-rw-r--r--ssh_config.053
1 files changed, 38 insertions, 15 deletions
diff --git a/ssh_config.0 b/ssh_config.0
index c4a12f7bb..7b9205681 100644
--- a/ssh_config.0
+++ b/ssh_config.0
@@ -47,6 +47,12 @@ DESCRIPTION
47 line (i.e. the name is not converted to a canonicalized host name 47 line (i.e. the name is not converted to a canonicalized host name
48 before matching). 48 before matching).
49 49
50 A pattern entry may be negated by prefixing it with an
51 exclamation mark (`!'). If a negated entry is matched, then the
52 Host entry is ignored, regardless of whether any other patterns
53 on the line match. Negated matches are therefore useful to
54 provide exceptions for wildcard matches.
55
50 See PATTERNS for more information on patterns. 56 See PATTERNS for more information on patterns.
51 57
52 AddressFamily 58 AddressFamily
@@ -160,13 +166,16 @@ DESCRIPTION
160 ControlPath 166 ControlPath
161 Specify the path to the control socket used for connection 167 Specify the path to the control socket used for connection
162 sharing as described in the ControlMaster section above or the 168 sharing as described in the ControlMaster section above or the
163 string ``none'' to disable connection sharing. In the path, `%l' 169 string ``none'' to disable connection sharing. In the path, `%L'
164 will be substituted by the local host name, `%h' will be 170 will be substituted by the first component of the local host
165 substituted by the target host name, `%p' the port, and `%r' by 171 name, `%l' will be substituted by the local host name (including
166 the remote login username. It is recommended that any 172 any domain name), `%h' will be substituted by the target host
167 ControlPath used for opportunistic connection sharing include at 173 name, `%n' will be substituted by the original target host name
168 least %h, %p, and %r. This ensures that shared connections are 174 specified on the command line, `%p' the port, `%r' by the remote
169 uniquely identified. 175 login username, and `%u' by the username of the user running
176 ssh(1). It is recommended that any ControlPath used for
177 opportunistic connection sharing include at least %h, %p, and %r.
178 This ensures that shared connections are uniquely identified.
170 179
171 ControlPersist 180 ControlPersist
172 When used in conjunction with ControlMaster, specifies that the 181 When used in conjunction with ControlMaster, specifies that the
@@ -282,8 +291,9 @@ DESCRIPTION
282 default is ``no''. 291 default is ``no''.
283 292
284 GlobalKnownHostsFile 293 GlobalKnownHostsFile
285 Specifies a file to use for the global host key database instead 294 Specifies one or more files to use for the global host key
286 of /etc/ssh/ssh_known_hosts. 295 database, separated by whitespace. The default is
296 /etc/ssh/ssh_known_hosts, /etc/ssh/ssh_known_hosts2.
287 297
288 GSSAPIAuthentication 298 GSSAPIAuthentication
289 Specifies whether user authentication based on GSSAPI is allowed. 299 Specifies whether user authentication based on GSSAPI is allowed.
@@ -336,7 +346,7 @@ DESCRIPTION
336 Specifies the real host name to log into. This can be used to 346 Specifies the real host name to log into. This can be used to
337 specify nicknames or abbreviations for hosts. If the hostname 347 specify nicknames or abbreviations for hosts. If the hostname
338 contains the character sequence `%h', then this will be replaced 348 contains the character sequence `%h', then this will be replaced
339 with the host name specified on the commandline (this is useful 349 with the host name specified on the command line (this is useful
340 for manipulating unqualified names). The default is the name 350 for manipulating unqualified names). The default is the name
341 given on the command line. Numeric IP addresses are also 351 given on the command line. Numeric IP addresses are also
342 permitted (both on the command line and in HostName 352 permitted (both on the command line and in HostName
@@ -367,7 +377,9 @@ DESCRIPTION
367 377
368 It is possible to have multiple identity files specified in 378 It is possible to have multiple identity files specified in
369 configuration files; all these identities will be tried in 379 configuration files; all these identities will be tried in
370 sequence. 380 sequence. Multiple IdentityFile directives will add to the list
381 of identities tried (this behaviour differs from that of other
382 configuration directives).
371 383
372 IPQoS Specifies the IPv4 type-of-service or DSCP class for connections. 384 IPQoS Specifies the IPv4 type-of-service or DSCP class for connections.
373 Accepted values are ``af11'', ``af12'', ``af13'', ``af14'', 385 Accepted values are ``af11'', ``af12'', ``af13'', ``af14'',
@@ -451,7 +463,9 @@ DESCRIPTION
451 must be comma-separated. The default is: 463 must be comma-separated. The default is:
452 464
453 hmac-md5,hmac-sha1,umac-64@openssh.com, 465 hmac-md5,hmac-sha1,umac-64@openssh.com,
454 hmac-ripemd160,hmac-sha1-96,hmac-md5-96 466 hmac-ripemd160,hmac-sha1-96,hmac-md5-96,
467 hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,
468 hmac-sha2-512-96
455 469
456 NoHostAuthenticationForLocalhost 470 NoHostAuthenticationForLocalhost
457 This option can be used if the home directory is shared across 471 This option can be used if the home directory is shared across
@@ -555,6 +569,14 @@ DESCRIPTION
555 if the server's GatewayPorts option is enabled (see 569 if the server's GatewayPorts option is enabled (see
556 sshd_config(5)). 570 sshd_config(5)).
557 571
572 RequestTTY
573 Specifies whether to request a pseudo-tty for the session. The
574 argument may be one of: ``no'' (never request a TTY), ``yes''
575 (always request a TTY when standard input is a TTY), ``force''
576 (always request a TTY) or ``auto'' (request a TTY when opening a
577 login session). This option mirrors the -t and -T flags for
578 ssh(1).
579
558 RhostsRSAAuthentication 580 RhostsRSAAuthentication
559 Specifies whether to try rhosts based authentication with RSA 581 Specifies whether to try rhosts based authentication with RSA
560 host authentication. The argument must be ``yes'' or ``no''. 582 host authentication. The argument must be ``yes'' or ``no''.
@@ -666,8 +688,9 @@ DESCRIPTION
666 command line. 688 command line.
667 689
668 UserKnownHostsFile 690 UserKnownHostsFile
669 Specifies a file to use for the user host key database instead of 691 Specifies one or more files to use for the user host key
670 ~/.ssh/known_hosts. 692 database, separated by whitespace. The default is
693 ~/.ssh/known_hosts, ~/.ssh/known_hosts2.
671 694
672 VerifyHostKeyDNS 695 VerifyHostKeyDNS
673 Specifies whether to verify the remote key using DNS and SSHFP 696 Specifies whether to verify the remote key using DNS and SSHFP
@@ -741,4 +764,4 @@ AUTHORS
741 created OpenSSH. Markus Friedl contributed the support for SSH protocol 764 created OpenSSH. Markus Friedl contributed the support for SSH protocol
742 versions 1.5 and 2.0. 765 versions 1.5 and 2.0.
743 766
744OpenBSD 4.9 December 8, 2010 OpenBSD 4.9 767OpenBSD 5.0 August 2, 2011 OpenBSD 5.0