diff options
author | Damien Miller <djm@mindrot.org> | 2005-12-13 19:29:02 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2005-12-13 19:29:02 +1100 |
commit | d27b947178df3689bfb7fdfb62a5f1337ef73481 (patch) | |
tree | c8678325c355b3602bdabca16da1baa8707818eb /ssh_config.5 | |
parent | 6dbdb6afeec1820b2799c2693fc8e8b364be8228 (diff) |
- reyk@cvs.openbsd.org 2005/12/06 22:38:28
[auth-options.c auth-options.h channels.c channels.h clientloop.c]
[misc.c misc.h readconf.c readconf.h scp.c servconf.c servconf.h]
[serverloop.c sftp.c ssh.1 ssh.c ssh_config ssh_config.5 sshconnect.c]
[sshconnect.h sshd.8 sshd_config sshd_config.5]
Add support for tun(4) forwarding over OpenSSH, based on an idea and
initial channel code bits by markus@. This is a simple and easy way to
use OpenSSH for ad hoc virtual private network connections, e.g.
administrative tunnels or secure wireless access. It's based on a new
ssh channel and works similar to the existing TCP forwarding support,
except that it depends on the tun(4) network interface on both ends of
the connection for layer 2 or layer 3 tunneling. This diff also adds
support for LocalCommand in the ssh(1) client.
ok djm@, markus@, jmc@ (manpages), tested and discussed with others
Diffstat (limited to 'ssh_config.5')
-rw-r--r-- | ssh_config.5 | 38 |
1 files changed, 37 insertions, 1 deletions
diff --git a/ssh_config.5 b/ssh_config.5 index 13cdee88b..d1930baab 100644 --- a/ssh_config.5 +++ b/ssh_config.5 | |||
@@ -34,7 +34,7 @@ | |||
34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
36 | .\" | 36 | .\" |
37 | .\" $OpenBSD: ssh_config.5,v 1.64 2005/10/30 08:43:47 jmc Exp $ | 37 | .\" $OpenBSD: ssh_config.5,v 1.65 2005/12/06 22:38:27 reyk Exp $ |
38 | .Dd September 25, 1999 | 38 | .Dd September 25, 1999 |
39 | .Dt SSH_CONFIG 5 | 39 | .Dt SSH_CONFIG 5 |
40 | .Os | 40 | .Os |
@@ -556,6 +556,14 @@ The default is | |||
556 | Specifies the list of methods to use in keyboard-interactive authentication. | 556 | Specifies the list of methods to use in keyboard-interactive authentication. |
557 | Multiple method names must be comma-separated. | 557 | Multiple method names must be comma-separated. |
558 | The default is to use the server specified list. | 558 | The default is to use the server specified list. |
559 | .It Cm LocalCommand | ||
560 | Specifies a command to execute on the local machine after successfully | ||
561 | connecting to the server. | ||
562 | The command string extends to the end of the line, and is executed with | ||
563 | .Pa /bin/sh . | ||
564 | This directive is ignored unless | ||
565 | .Cm PermitLocalCommand | ||
566 | has been enabled. | ||
559 | .It Cm LocalForward | 567 | .It Cm LocalForward |
560 | Specifies that a TCP/IP port on the local machine be forwarded over | 568 | Specifies that a TCP/IP port on the local machine be forwarded over |
561 | the secure channel to the specified host and port from the remote machine. | 569 | the secure channel to the specified host and port from the remote machine. |
@@ -628,6 +636,19 @@ The default is | |||
628 | .It Cm Port | 636 | .It Cm Port |
629 | Specifies the port number to connect on the remote host. | 637 | Specifies the port number to connect on the remote host. |
630 | Default is 22. | 638 | Default is 22. |
639 | .It Cm PermitLocalCommand | ||
640 | Allow local command execution via the | ||
641 | .Ic LocalCommand | ||
642 | option or using the | ||
643 | .Ic ! Ar command | ||
644 | escape sequence in | ||
645 | .Xr ssh 1 . | ||
646 | The argument must be | ||
647 | .Dq yes | ||
648 | or | ||
649 | .Dq no . | ||
650 | The default is | ||
651 | .Dq no . | ||
631 | .It Cm PreferredAuthentications | 652 | .It Cm PreferredAuthentications |
632 | Specifies the order in which the client should try protocol 2 | 653 | Specifies the order in which the client should try protocol 2 |
633 | authentication methods. | 654 | authentication methods. |
@@ -887,6 +908,21 @@ Note that this option must be set to | |||
887 | for | 908 | for |
888 | .Cm RhostsRSAAuthentication | 909 | .Cm RhostsRSAAuthentication |
889 | with older servers. | 910 | with older servers. |
911 | .It Cm Tunnel | ||
912 | Request starting | ||
913 | .Xr tun 4 | ||
914 | device forwarding between the client and the server. | ||
915 | The argument must be | ||
916 | .Dq yes | ||
917 | or | ||
918 | .Dq no . | ||
919 | The default is | ||
920 | .Dq no . | ||
921 | .It Cm TunnelDevice | ||
922 | Force a specified | ||
923 | .Xr tun 4 | ||
924 | device on the client. | ||
925 | Without this option, the next available device will be used. | ||
890 | .It Cm User | 926 | .It Cm User |
891 | Specifies the user to log in as. | 927 | Specifies the user to log in as. |
892 | This can be useful when a different user name is used on different machines. | 928 | This can be useful when a different user name is used on different machines. |