summaryrefslogtreecommitdiff
path: root/ssh_config.5
diff options
context:
space:
mode:
authordjm@openbsd.org <djm@openbsd.org>2017-04-30 23:18:22 +0000
committerDamien Miller <djm@mindrot.org>2017-05-01 10:05:00 +1000
commit788ac799a6efa40517f2ac0d895a610394298ffc (patch)
tree29e320f7adeb31b2febfa08cc60b6c578263dfc6 /ssh_config.5
parente6882463a8ae0594aacb6d6575a6318a41973d84 (diff)
upstream commit
remove SSHv1 configuration options and man pages bits ok markus@ Upstream-ID: 84638c23546c056727b7a7d653c72574e0f19424
Diffstat (limited to 'ssh_config.5')
-rw-r--r--ssh_config.577
1 files changed, 4 insertions, 73 deletions
diff --git a/ssh_config.5 b/ssh_config.5
index c9dca08d8..a565f330d 100644
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -33,8 +33,8 @@
33.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 33.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
34.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 34.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
35.\" 35.\"
36.\" $OpenBSD: ssh_config.5,v 1.244 2017/04/28 06:15:03 jmc Exp $ 36.\" $OpenBSD: ssh_config.5,v 1.245 2017/04/30 23:18:22 djm Exp $
37.Dd $Mdocdate: April 28 2017 $ 37.Dd $Mdocdate: April 30 2017 $
38.Dt SSH_CONFIG 5 38.Dt SSH_CONFIG 5
39.Os 39.Os
40.Sh NAME 40.Sh NAME
@@ -391,25 +391,8 @@ in the process, regardless of the setting of
391If the option is set to 391If the option is set to
392.Cm no , 392.Cm no ,
393the check will not be executed. 393the check will not be executed.
394.It Cm Cipher
395Specifies the cipher to use for encrypting the session
396in protocol version 1.
397Currently,
398.Cm blowfish ,
399.Cm 3des
400(the default),
401and
402.Cm des
403are supported,
404though
405.Cm des
406is only supported in the
407.Xr ssh 1
408client for interoperability with legacy protocol 1 implementations;
409its use is strongly discouraged due to cryptographic weaknesses.
410.It Cm Ciphers 394.It Cm Ciphers
411Specifies the ciphers allowed for protocol version 2 395Specifies the ciphers allowed and their order of preference.
412in order of preference.
413Multiple ciphers must be comma-separated. 396Multiple ciphers must be comma-separated.
414If the specified value begins with a 397If the specified value begins with a
415.Sq + 398.Sq +
@@ -472,18 +455,6 @@ The argument must be
472or 455or
473.Cm no 456.Cm no
474(the default). 457(the default).
475.It Cm CompressionLevel
476Specifies the compression level to use if compression is enabled.
477The argument must be an integer from 1 (fast) to 9 (slow, best).
478The default level is 6, which is good for most applications.
479The meaning of the values is the same as in
480.Xr gzip 1 .
481Note that this option applies to protocol version 1 only.
482.It Cm ConnectionAttempts
483Specifies the number of tries (one per second) to make before exiting.
484The argument must be an integer.
485This may be useful in scripts if the connection sometimes fails.
486The default is 1.
487.It Cm ConnectTimeout 458.It Cm ConnectTimeout
488Specifies the timeout (in seconds) used when connecting to the 459Specifies the timeout (in seconds) used when connecting to the
489SSH server, instead of using the default system TCP timeout. 460SSH server, instead of using the default system TCP timeout.
@@ -902,14 +873,11 @@ section.
902Specifies a file from which the user's DSA, ECDSA, Ed25519 or RSA authentication 873Specifies a file from which the user's DSA, ECDSA, Ed25519 or RSA authentication
903identity is read. 874identity is read.
904The default is 875The default is
905.Pa ~/.ssh/identity
906for protocol version 1, and
907.Pa ~/.ssh/id_dsa , 876.Pa ~/.ssh/id_dsa ,
908.Pa ~/.ssh/id_ecdsa , 877.Pa ~/.ssh/id_ecdsa ,
909.Pa ~/.ssh/id_ed25519 878.Pa ~/.ssh/id_ed25519
910and 879and
911.Pa ~/.ssh/id_rsa 880.Pa ~/.ssh/id_rsa .
912for protocol version 2.
913Additionally, any identities represented by the authentication agent 881Additionally, any identities represented by the authentication agent
914will be used for authentication unless 882will be used for authentication unless
915.Cm IdentitiesOnly 883.Cm IdentitiesOnly
@@ -1192,21 +1160,6 @@ The default is:
1192gssapi-with-mic,hostbased,publickey, 1160gssapi-with-mic,hostbased,publickey,
1193keyboard-interactive,password 1161keyboard-interactive,password
1194.Ed 1162.Ed
1195.It Cm Protocol
1196Specifies the protocol versions
1197.Xr ssh 1
1198should support in order of preference.
1199The possible values are 1 and 2.
1200Multiple versions must be comma-separated.
1201When this option is set to
1202.Cm 2,1
1203.Nm ssh
1204will try version 2 and fall back to version 1
1205if version 2 is not available.
1206The default is version 2.
1207Protocol 1 suffers from a number of cryptographic weaknesses and should
1208not be used.
1209It is only offered to support legacy devices.
1210.It Cm ProxyCommand 1163.It Cm ProxyCommand
1211Specifies the command to use to connect to the server. 1164Specifies the command to use to connect to the server.
1212The command 1165The command
@@ -1397,28 +1350,6 @@ an OpenSSH Key Revocation List (KRL) as generated by
1397.Xr ssh-keygen 1 . 1350.Xr ssh-keygen 1 .
1398For more information on KRLs, see the KEY REVOCATION LISTS section in 1351For more information on KRLs, see the KEY REVOCATION LISTS section in
1399.Xr ssh-keygen 1 . 1352.Xr ssh-keygen 1 .
1400.It Cm RhostsRSAAuthentication
1401Specifies whether to try rhosts based authentication with RSA host
1402authentication.
1403The argument must be
1404.Cm yes
1405or
1406.Cm no
1407(the default).
1408This option applies to protocol version 1 only and requires
1409.Xr ssh 1
1410to be setuid root.
1411.It Cm RSAAuthentication
1412Specifies whether to try RSA authentication.
1413The argument to this keyword must be
1414.Cm yes
1415(the default)
1416or
1417.Cm no .
1418RSA authentication will only be
1419attempted if the identity file exists, or an authentication agent is
1420running.
1421Note that this option applies to protocol version 1 only.
1422.It Cm SendEnv 1353.It Cm SendEnv
1423Specifies what variables from the local 1354Specifies what variables from the local
1424.Xr environ 7 1355.Xr environ 7